commit cb4734193d340444dcfba7081e23bf4bb56776e5 · pyrox.dev/nixpkgs

+1 -1

CONTRIBUTING.md

···

       538
        
         When adding yourself as maintainer, in the same pull request, make a separate

     

       539
        
         commit with the message `maintainers: add <handle>`.

     

       540
        
         Add the commit before those making changes to the package or module.

     

       541
       -
         See [Nixpkgs Maintainers](../maintainers/README.md) for details.

     

       542
        
       

     

       543
        
       ### Writing good commit messages

     

       544

···

       538
        
         When adding yourself as maintainer, in the same pull request, make a separate

     

       539
        
         commit with the message `maintainers: add <handle>`.

     

       540
        
         Add the commit before those making changes to the package or module.

     

       541
       +
         See [Nixpkgs Maintainers](./maintainers/README.md) for details.

     

       542
        
       

     

       543
        
       ### Writing good commit messages

     

       544

nixos/doc/manual/release-notes/rl-2311.section.md

···

       70
        
       

     

       71
        
       - [Prometheus MySQL exporter](https://github.com/prometheus/mysqld_exporter), a MySQL server exporter for Prometheus. Available as [services.prometheus.exporters.mysqld](#opt-services.prometheus.exporters.mysqld.enable).

     

       72
        
       

     

       0
        
       
     

       0
        
       
     

       73
        
       - [sitespeed-io](https://sitespeed.io), a tool that can generate metrics (timings, diagnostics) for websites. Available as [services.sitespeed-io](#opt-services.sitespeed-io.enable).

     

       74
        
       

     

       75
        
       - [stalwart-mail](https://stalw.art), an all-in-one email server (SMTP, IMAP, JMAP). Available as [services.stalwart-mail](#opt-services.stalwart-mail.enable).

     
···

       276
        
       

     

       277
        
       - Package `noto-fonts-emoji` was renamed to `noto-fonts-color-emoji`;

     

       278
        
         see [#221181](https://github.com/NixOS/nixpkgs/issues/221181).

     

       0
        
       
     

       0
        
       
     

       279
        
       

     

       280
        
       - Package `pash` was removed due to being archived upstream. Use `powershell` as an alternative.

     

       281

···

       70
        
       

     

       71
        
       - [Prometheus MySQL exporter](https://github.com/prometheus/mysqld_exporter), a MySQL server exporter for Prometheus. Available as [services.prometheus.exporters.mysqld](#opt-services.prometheus.exporters.mysqld.enable).

     

       72
        
       

     

       73
       +
       - [LibreNMS](https://www.librenms.org), a auto-discovering PHP/MySQL/SNMP based network monitoring. Available as [services.librenms](#opt-services.librenms.enable).

     

       74
       +
       

     

       75
        
       - [sitespeed-io](https://sitespeed.io), a tool that can generate metrics (timings, diagnostics) for websites. Available as [services.sitespeed-io](#opt-services.sitespeed-io.enable).

     

       76
        
       

     

       77
        
       - [stalwart-mail](https://stalw.art), an all-in-one email server (SMTP, IMAP, JMAP). Available as [services.stalwart-mail](#opt-services.stalwart-mail.enable).

     
···

       278
        
       

     

       279
        
       - Package `noto-fonts-emoji` was renamed to `noto-fonts-color-emoji`;

     

       280
        
         see [#221181](https://github.com/NixOS/nixpkgs/issues/221181).

     

       281
       +
       

     

       282
       +
       - Package `cloud-sql-proxy` was renamed to `google-cloud-sql-proxy` as it cannot be used with other cloud providers.;

     

       283
        
       

     

       284
        
       - Package `pash` was removed due to being archived upstream. Use `powershell` as an alternative.

     

       285

nixos/modules/module-list.nix

···

       775
        
         ./services/monitoring/kapacitor.nix

     

       776
        
         ./services/monitoring/karma.nix

     

       777
        
         ./services/monitoring/kthxbye.nix

     

       0
        
       
     

       778
        
         ./services/monitoring/loki.nix

     

       779
        
         ./services/monitoring/longview.nix

     

       780
        
         ./services/monitoring/mackerel-agent.nix

     
···

       1164
        
         ./services/security/sshguard.nix

     

       1165
        
         ./services/security/sslmate-agent.nix

     

       1166
        
         ./services/security/step-ca.nix

     

       0
        
       
     

       1167
        
         ./services/security/tor.nix

     

       1168
        
         ./services/security/torify.nix

     

       1169
        
         ./services/security/torsocks.nix

···

       775
        
         ./services/monitoring/kapacitor.nix

     

       776
        
         ./services/monitoring/karma.nix

     

       777
        
         ./services/monitoring/kthxbye.nix

     

       778
       +
         ./services/monitoring/librenms.nix

     

       779
        
         ./services/monitoring/loki.nix

     

       780
        
         ./services/monitoring/longview.nix

     

       781
        
         ./services/monitoring/mackerel-agent.nix

     
···

       1165
        
         ./services/security/sshguard.nix

     

       1166
        
         ./services/security/sslmate-agent.nix

     

       1167
        
         ./services/security/step-ca.nix

     

       1168
       +
         ./services/security/tang.nix

     

       1169
        
         ./services/security/tor.nix

     

       1170
        
         ./services/security/torify.nix

     

       1171
        
         ./services/security/torsocks.nix

+624

nixos/modules/services/monitoring/librenms.nix

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       

     

       3
       +
       let

     

       4
       +
         cfg = config.services.librenms;

     

       5
       +
         settingsFormat = pkgs.formats.json {};

     

       6
       +
         configJson = settingsFormat.generate "librenms-config.json" cfg.settings;

     

       7
       +
       

     

       8
       +
         package = pkgs.librenms.override {

     

       9
       +
           logDir = cfg.logDir;

     

       10
       +
           dataDir = cfg.dataDir;

     

       11
       +
         };

     

       12
       +
       

     

       13
       +
         phpOptions = ''

     

       14
       +
           log_errors = on

     

       15
       +
           post_max_size = 100M

     

       16
       +
           upload_max_filesize = 100M

     

       17
       +
           date.timezone = "${config.time.timeZone}"

     

       18
       +
         '';

     

       19
       +
         phpIni = pkgs.runCommand "php.ini" {

     

       20
       +
           inherit (package) phpPackage;

     

       21
       +
           inherit phpOptions;

     

       22
       +
           preferLocalBuild = true;

     

       23
       +
           passAsFile = [ "phpOptions" ];

     

       24
       +
         } ''

     

       25
       +
           cat $phpPackage/etc/php.ini $phpOptionsPath > $out

     

       26
       +
         '';

     

       27
       +
       

     

       28
       +
         artisanWrapper = pkgs.writeShellScriptBin "librenms-artisan" ''

     

       29
       +
           cd ${package}

     

       30
       +
           sudo=exec

     

       31
       +
           if [[ "$USER" != ${cfg.user} ]]; then

     

       32
       +
             sudo='exec /run/wrappers/bin/sudo -u ${cfg.user}'

     

       33
       +
           fi

     

       34
       +
           $sudo ${package}/artisan $*

     

       35
       +
         '';

     

       36
       +
       

     

       37
       +
         lnmsWrapper = pkgs.writeShellScriptBin "lnms" ''

     

       38
       +
           cd ${package}

     

       39
       +
           exec ${package}/lnms $*

     

       40
       +
         '';

     

       41
       +
       

     

       42
       +
         configFile = pkgs.writeText "config.php" ''

     

       43
       +
           <?php

     

       44
       +
           $new_config = json_decode(file_get_contents("${cfg.dataDir}/config.json"), true);

     

       45
       +
           $config = ($config == null) ? $new_config : array_merge($config, $new_config);

     

       46
       +
       

     

       47
       +
           ${lib.optionalString (cfg.extraConfig != null) cfg.extraConfig}

     

       48
       +
         '';

     

       49
       +
       

     

       50
       +
       in {

     

       51
       +
         options.services.librenms = with lib; {

     

       52
       +
           enable = mkEnableOption "LibreNMS network monitoring system";

     

       53
       +
       

     

       54
       +
           user = mkOption {

     

       55
       +
             type = types.str;

     

       56
       +
             default = "librenms";

     

       57
       +
             description = ''

     

       58
       +
               Name of the LibreNMS user.

     

       59
       +
             '';

     

       60
       +
           };

     

       61
       +
       

     

       62
       +
           group = mkOption {

     

       63
       +
             type = types.str;

     

       64
       +
             default = "librenms";

     

       65
       +
             description = ''

     

       66
       +
               Name of the LibreNMS group.

     

       67
       +
             '';

     

       68
       +
           };

     

       69
       +
       

     

       70
       +
           hostname = mkOption {

     

       71
       +
             type = types.str;

     

       72
       +
             default = config.networking.fqdnOrHostName;

     

       73
       +
             defaultText = literalExpression "config.networking.fqdnOrHostName";

     

       74
       +
             description = ''

     

       75
       +
               The hostname to serve LibreNMS on.

     

       76
       +
             '';

     

       77
       +
           };

     

       78
       +
       

     

       79
       +
           pollerThreads = mkOption {

     

       80
       +
             type = types.int;

     

       81
       +
             default = 16;

     

       82
       +
             description = ''

     

       83
       +
               Amount of threads of the cron-poller.

     

       84
       +
             '';

     

       85
       +
           };

     

       86
       +
       

     

       87
       +
           enableOneMinutePolling = mkOption {

     

       88
       +
             type = types.bool;

     

       89
       +
             default = false;

     

       90
       +
             description = ''

     

       91
       +
               Enables the [1-Minute Polling](https://docs.librenms.org/Support/1-Minute-Polling/).

     

       92
       +
               Changing this option will automatically convert your existing rrd files.

     

       93
       +
             '';

     

       94
       +
           };

     

       95
       +
       

     

       96
       +
           useDistributedPollers = mkOption {

     

       97
       +
             type = types.bool;

     

       98
       +
             default = false;

     

       99
       +
             description = ''

     

       100
       +
               Enables (distributed pollers)[https://docs.librenms.org/Extensions/Distributed-Poller/]

     

       101
       +
               for this LibreNMS instance. This will enable a local `rrdcached` and `memcached` server.

     

       102
       +
       

     

       103
       +
               To use this feature, make sure to configure your firewall that the distributed pollers

     

       104
       +
               can reach the local `mysql`, `rrdcached` and `memcached` ports.

     

       105
       +
             '';

     

       106
       +
           };

     

       107
       +
       

     

       108
       +
           distributedPoller = {

     

       109
       +
             enable = mkOption {

     

       110
       +
               type = types.bool;

     

       111
       +
               default = false;

     

       112
       +
               description = ''

     

       113
       +
                 Configure this LibreNMS instance as a (distributed poller)[https://docs.librenms.org/Extensions/Distributed-Poller/].

     

       114
       +
                 This will disable all web features and just configure the poller features.

     

       115
       +
                 Use the `mysql` database of your main LibreNMS instance in the database settings.

     

       116
       +
               '';

     

       117
       +
             };

     

       118
       +
       

     

       119
       +
             name = mkOption {

     

       120
       +
               type = types.nullOr types.str;

     

       121
       +
               default = null;

     

       122
       +
               description = ''

     

       123
       +
                 Custom name of this poller.

     

       124
       +
               '';

     

       125
       +
             };

     

       126
       +
       

     

       127
       +
             group = mkOption {

     

       128
       +
               type = types.str;

     

       129
       +
               default = "0";

     

       130
       +
               example = "1,2";

     

       131
       +
               description = ''

     

       132
       +
                 Group(s) of this poller.

     

       133
       +
               '';

     

       134
       +
             };

     

       135
       +
       

     

       136
       +
             distributedBilling = mkOption {

     

       137
       +
               type = types.bool;

     

       138
       +
               default = false;

     

       139
       +
               description = ''

     

       140
       +
                 Enable distributed billing on this poller.

     

       141
       +
               '';

     

       142
       +
             };

     

       143
       +
       

     

       144
       +
             memcachedHost = mkOption {

     

       145
       +
               type = types.str;

     

       146
       +
               description = ''

     

       147
       +
                 Hostname or IP of the `memcached` server.

     

       148
       +
               '';

     

       149
       +
             };

     

       150
       +
       

     

       151
       +
             memcachedPort = mkOption {

     

       152
       +
               type = types.port;

     

       153
       +
               default = 11211;

     

       154
       +
               description = ''

     

       155
       +
                 Port of the `memcached` server.

     

       156
       +
               '';

     

       157
       +
             };

     

       158
       +
       

     

       159
       +
             rrdcachedHost = mkOption {

     

       160
       +
               type = types.str;

     

       161
       +
               description = ''

     

       162
       +
                 Hostname or IP of the `rrdcached` server.

     

       163
       +
               '';

     

       164
       +
             };

     

       165
       +
       

     

       166
       +
             rrdcachedPort = mkOption {

     

       167
       +
               type = types.port;

     

       168
       +
               default = 42217;

     

       169
       +
               description = ''

     

       170
       +
                 Port of the `memcached` server.

     

       171
       +
               '';

     

       172
       +
             };

     

       173
       +
           };

     

       174
       +
       

     

       175
       +
           poolConfig = mkOption {

     

       176
       +
             type = with types; attrsOf (oneOf [ str int bool ]);

     

       177
       +
             default = {

     

       178
       +
               "pm" = "dynamic";

     

       179
       +
               "pm.max_children" = 32;

     

       180
       +
               "pm.start_servers" = 2;

     

       181
       +
               "pm.min_spare_servers" = 2;

     

       182
       +
               "pm.max_spare_servers" = 4;

     

       183
       +
               "pm.max_requests" = 500;

     

       184
       +
             };

     

       185
       +
             description = ''

     

       186
       +
               Options for the LibreNMS PHP pool. See the documentation on `php-fpm.conf`

     

       187
       +
               for details on configuration directives.

     

       188
       +
             '';

     

       189
       +
           };

     

       190
       +
       

     

       191
       +
           nginx = mkOption {

     

       192
       +
             type = types.submodule (

     

       193
       +
               recursiveUpdate

     

       194
       +
                 (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) {}

     

       195
       +
             );

     

       196
       +
             default = { };

     

       197
       +
             example = literalExpression ''

     

       198
       +
               {

     

       199
       +
                 serverAliases = [

     

       200
       +
                   "librenms.''${config.networking.domain}"

     

       201
       +
                 ];

     

       202
       +
                 # To enable encryption and let let's encrypt take care of certificate

     

       203
       +
                 forceSSL = true;

     

       204
       +
                 enableACME = true;

     

       205
       +
                 # To set the LibreNMS virtualHost as the default virtualHost;

     

       206
       +
                 default = true;

     

       207
       +
               }

     

       208
       +
             '';

     

       209
       +
             description = ''

     

       210
       +
               With this option, you can customize the nginx virtualHost settings.

     

       211
       +
             '';

     

       212
       +
           };

     

       213
       +
       

     

       214
       +
           dataDir = mkOption {

     

       215
       +
             type = types.path;

     

       216
       +
             default = "/var/lib/librenms";

     

       217
       +
             description = ''

     

       218
       +
               Path of the LibreNMS state directory.

     

       219
       +
             '';

     

       220
       +
           };

     

       221
       +
       

     

       222
       +
           logDir = mkOption {

     

       223
       +
             type = types.path;

     

       224
       +
             default = "/var/log/librenms";

     

       225
       +
             description = ''

     

       226
       +
               Path of the LibreNMS logging directory.

     

       227
       +
             '';

     

       228
       +
           };

     

       229
       +
       

     

       230
       +
           database = {

     

       231
       +
             createLocally = mkOption {

     

       232
       +
               type = types.bool;

     

       233
       +
               default = false;

     

       234
       +
               description = ''

     

       235
       +
                 Whether to create a local database automatically.

     

       236
       +
               '';

     

       237
       +
             };

     

       238
       +
       

     

       239
       +
             host = mkOption {

     

       240
       +
               default = "localhost";

     

       241
       +
               description = ''

     

       242
       +
                 Hostname or IP of the MySQL/MariaDB server.

     

       243
       +
               '';

     

       244
       +
             };

     

       245
       +
       

     

       246
       +
             port = mkOption {

     

       247
       +
               type = types.port;

     

       248
       +
               default = 3306;

     

       249
       +
               description = ''

     

       250
       +
                 Port of the MySQL/MariaDB server.

     

       251
       +
               '';

     

       252
       +
             };

     

       253
       +
       

     

       254
       +
             database = mkOption {

     

       255
       +
               type = types.str;

     

       256
       +
               default = "librenms";

     

       257
       +
               description = ''

     

       258
       +
                 Name of the database on the MySQL/MariaDB server.

     

       259
       +
               '';

     

       260
       +
             };

     

       261
       +
       

     

       262
       +
             username = mkOption {

     

       263
       +
               type = types.str;

     

       264
       +
               default = "librenms";

     

       265
       +
               description = ''

     

       266
       +
                 Name of the user on the MySQL/MariaDB server.

     

       267
       +
               '';

     

       268
       +
             };

     

       269
       +
       

     

       270
       +
             passwordFile = mkOption {

     

       271
       +
               type = types.path;

     

       272
       +
               example = "/run/secrets/mysql.pass";

     

       273
       +
               description = ''

     

       274
       +
                 A file containing the password for the user of the MySQL/MariaDB server.

     

       275
       +
                 Must be readable for the LibreNMS user.

     

       276
       +
               '';

     

       277
       +
             };

     

       278
       +
           };

     

       279
       +
       

     

       280
       +
           environmentFile = mkOption {

     

       281
       +
             type = types.nullOr types.str;

     

       282
       +
             default = null;

     

       283
       +
             description = ''

     

       284
       +
               File containing env-vars to be substituted into the final config. Useful for secrets.

     

       285
       +
               Does not apply to settings defined in `extraConfig`.

     

       286
       +
             '';

     

       287
       +
           };

     

       288
       +
       

     

       289
       +
           settings = mkOption {

     

       290
       +
             type = types.submodule {

     

       291
       +
               freeformType = settingsFormat.type;

     

       292
       +
               options = {};

     

       293
       +
             };

     

       294
       +
             description = ''

     

       295
       +
               Attrset of the LibreNMS configuration.

     

       296
       +
               See https://docs.librenms.org/Support/Configuration/ for reference.

     

       297
       +
               All possible options are listed [here](https://github.com/librenms/librenms/blob/master/misc/config_definitions.json).

     

       298
       +
               See https://docs.librenms.org/Extensions/Authentication/ for setting other authentication methods.

     

       299
       +
             '';

     

       300
       +
             default = { };

     

       301
       +
             example = {

     

       302
       +
               base_url = "/librenms/";

     

       303
       +
               top_devices = true;

     

       304
       +
               top_ports = false;

     

       305
       +
             };

     

       306
       +
           };

     

       307
       +
       

     

       308
       +
           extraConfig = mkOption {

     

       309
       +
             type = types.nullOr types.str;

     

       310
       +
             default = null;

     

       311
       +
             description = ''

     

       312
       +
               Additional config for LibreNMS that will be appended to the `config.php`. See

     

       313
       +
               https://github.com/librenms/librenms/blob/master/misc/config_definitions.json

     

       314
       +
               for possible options. Useful if you want to use PHP-Functions in your config.

     

       315
       +
             '';

     

       316
       +
           };

     

       317
       +
         };

     

       318
       +
       

     

       319
       +
         config = lib.mkIf cfg.enable {

     

       320
       +
           assertions = [

     

       321
       +
             {

     

       322
       +
               assertion = config.time.timeZone != null;

     

       323
       +
               message = "You must set `time.timeZone` to use the LibreNMS module.";

     

       324
       +
             }

     

       325
       +
             {

     

       326
       +
               assertion = cfg.database.createLocally -> cfg.database.host == "localhost";

     

       327
       +
               message = "The database host must be \"localhost\" if services.librenms.database.createLocally is set to true.";

     

       328
       +
             }

     

       329
       +
             {

     

       330
       +
               assertion = !(cfg.useDistributedPollers && cfg.distributedPoller.enable);

     

       331
       +
               message = "The LibreNMS instance can't be a distributed poller and a full instance at the same time.";

     

       332
       +
             }

     

       333
       +
           ];

     

       334
       +
       

     

       335
       +
           users.users.${cfg.user} = {

     

       336
       +
             group = "${cfg.group}";

     

       337
       +
             isSystemUser = true;

     

       338
       +
           };

     

       339
       +
       

     

       340
       +
           users.groups.${cfg.group} = { };

     

       341
       +
       

     

       342
       +
           services.librenms.settings = {

     

       343
       +
             # basic configs

     

       344
       +
             "user" = cfg.user;

     

       345
       +
             "own_hostname" = cfg.hostname;

     

       346
       +
             "base_url" = lib.mkDefault "/";

     

       347
       +
             "auth_mechanism" = lib.mkDefault "mysql";

     

       348
       +
       

     

       349
       +
             # disable auto update function (won't work with NixOS)

     

       350
       +
             "update" = false;

     

       351
       +
       

     

       352
       +
             # enable fast ping by default

     

       353
       +
             "ping_rrd_step" = 60;

     

       354
       +
       

     

       355
       +
             # one minute polling

     

       356
       +
             "rrd.step" = if cfg.enableOneMinutePolling then 60 else 300;

     

       357
       +
             "rrd.heartbeat" = if cfg.enableOneMinutePolling then 120 else 600;

     

       358
       +
           } // (lib.optionalAttrs cfg.distributedPoller.enable {

     

       359
       +
             "distributed_poller" = true;

     

       360
       +
             "distributed_poller_name" = lib.mkIf (cfg.distributedPoller.name != null) cfg.distributedPoller.name;

     

       361
       +
             "distributed_poller_group" = cfg.distributedPoller.group;

     

       362
       +
             "distributed_billing" = cfg.distributedPoller.distributedBilling;

     

       363
       +
             "distributed_poller_memcached_host" = cfg.distributedPoller.memcachedHost;

     

       364
       +
             "distributed_poller_memcached_port" = cfg.distributedPoller.memcachedPort;

     

       365
       +
             "rrdcached" = "${cfg.distributedPoller.rrdcachedHost}:${toString cfg.distributedPoller.rrdcachedPort}";

     

       366
       +
           }) // (lib.optionalAttrs cfg.useDistributedPollers {

     

       367
       +
             "distributed_poller" = true;

     

       368
       +
             # still enable a local poller with distributed polling

     

       369
       +
             "distributed_poller_group" = lib.mkDefault "0";

     

       370
       +
             "distributed_billing" = lib.mkDefault true;

     

       371
       +
             "distributed_poller_memcached_host" = "localhost";

     

       372
       +
             "distributed_poller_memcached_port" = 11211;

     

       373
       +
             "rrdcached" = "localhost:42217";

     

       374
       +
           });

     

       375
       +
       

     

       376
       +
           services.memcached = lib.mkIf cfg.useDistributedPollers {

     

       377
       +
             enable = true;

     

       378
       +
             listen = "0.0.0.0";

     

       379
       +
           };

     

       380
       +
       

     

       381
       +
           systemd.services.rrdcached = lib.mkIf cfg.useDistributedPollers {

     

       382
       +
             description = "rrdcached";

     

       383
       +
             after = [ "librenms-setup.service" ];

     

       384
       +
             wantedBy = [ "multi-user.target" ];

     

       385
       +
             serviceConfig = {

     

       386
       +
               Type = "forking";

     

       387
       +
               User = cfg.user;

     

       388
       +
               Group = cfg.group;

     

       389
       +
               LimitNOFILE = 16384;

     

       390
       +
               RuntimeDirectory = "rrdcached";

     

       391
       +
               PidFile = "/run/rrdcached/rrdcached.pid";

     

       392
       +
               # rrdcached params from https://docs.librenms.org/Extensions/Distributed-Poller/#config-sample

     

       393
       +
               ExecStart = "${pkgs.rrdtool}/bin/rrdcached -l 0:42217 -R -j ${cfg.dataDir}/rrdcached-journal/ -F -b ${cfg.dataDir}/rrd -B -w 1800 -z 900 -p /run/rrdcached/rrdcached.pid";

     

       394
       +
             };

     

       395
       +
           };

     

       396
       +
       

     

       397
       +
           services.mysql = lib.mkIf cfg.database.createLocally {

     

       398
       +
             enable = true;

     

       399
       +
             package = lib.mkDefault pkgs.mariadb;

     

       400
       +
             settings.mysqld = {

     

       401
       +
               innodb_file_per_table = 1;

     

       402
       +
               lower_case_table_names = 0;

     

       403
       +
             } // (lib.optionalAttrs cfg.useDistributedPollers {

     

       404
       +
               bind-address = "0.0.0.0";

     

       405
       +
             });

     

       406
       +
             ensureDatabases = [ cfg.database.database ];

     

       407
       +
             ensureUsers = [

     

       408
       +
               {

     

       409
       +
                 name = cfg.database.username;

     

       410
       +
                 ensurePermissions = {

     

       411
       +
                   "${cfg.database.database}.*" = "ALL PRIVILEGES";

     

       412
       +
                 };

     

       413
       +
               }

     

       414
       +
             ];

     

       415
       +
             initialScript = lib.mkIf cfg.useDistributedPollers (pkgs.writeText "mysql-librenms-init" ''

     

       416
       +
               CREATE USER IF NOT EXISTS '${cfg.database.username}'@'%';

     

       417
       +
               GRANT ALL PRIVILEGES ON ${cfg.database.database}.* TO '${cfg.database.username}'@'%';

     

       418
       +
             '');

     

       419
       +
           };

     

       420
       +
       

     

       421
       +
           services.nginx = lib.mkIf (!cfg.distributedPoller.enable) {

     

       422
       +
             enable = true;

     

       423
       +
             virtualHosts."${cfg.hostname}" = lib.mkMerge [

     

       424
       +
               cfg.nginx

     

       425
       +
               {

     

       426
       +
                 root = lib.mkForce "${package}/html";

     

       427
       +
                 locations."/" = {

     

       428
       +
                   index = "index.php";

     

       429
       +
                   tryFiles = "$uri $uri/ /index.php?$query_string";

     

       430
       +
                 };

     

       431
       +
                 locations."~ .php$".extraConfig = ''

     

       432
       +
                   fastcgi_pass unix:${config.services.phpfpm.pools."librenms".socket};

     

       433
       +
                   fastcgi_split_path_info ^(.+\.php)(/.+)$;

     

       434
       +
                 '';

     

       435
       +
               }

     

       436
       +
             ];

     

       437
       +
           };

     

       438
       +
       

     

       439
       +
           services.phpfpm.pools.librenms = lib.mkIf (!cfg.distributedPoller.enable) {

     

       440
       +
             user = cfg.user;

     

       441
       +
             group = cfg.group;

     

       442
       +
             inherit (package) phpPackage;

     

       443
       +
             inherit phpOptions;

     

       444
       +
             settings = {

     

       445
       +
               "listen.mode" = "0660";

     

       446
       +
               "listen.owner" = config.services.nginx.user;

     

       447
       +
               "listen.group" = config.services.nginx.group;

     

       448
       +
             } // cfg.poolConfig;

     

       449
       +
           };

     

       450
       +
       

     

       451
       +
           systemd.services.librenms-scheduler = {

     

       452
       +
             description = "LibreNMS Scheduler";

     

       453
       +
             path = [ pkgs.unixtools.whereis ];

     

       454
       +
             serviceConfig = {

     

       455
       +
               Type = "oneshot";

     

       456
       +
               WorkingDirectory = package;

     

       457
       +
               User = cfg.user;

     

       458
       +
               Group = cfg.group;

     

       459
       +
               ExecStart = "${artisanWrapper}/bin/librenms-artisan schedule:run";

     

       460
       +
             };

     

       461
       +
           };

     

       462
       +
       

     

       463
       +
           systemd.timers.librenms-scheduler = {

     

       464
       +
             description = "LibreNMS Scheduler";

     

       465
       +
             wantedBy = [ "timers.target" ];

     

       466
       +
             timerConfig = {

     

       467
       +
               OnCalendar = "minutely";

     

       468
       +
               AccuracySec = "1second";

     

       469
       +
             };

     

       470
       +
           };

     

       471
       +
       

     

       472
       +
           systemd.services.librenms-setup = {

     

       473
       +
             description = "Preparation tasks for LibreNMS";

     

       474
       +
             before = [ "phpfpm-librenms.service" ];

     

       475
       +
             after = [ "systemd-tmpfiles-setup.service" ]

     

       476
       +
               ++ (lib.optional (cfg.database.host == "localhost") "mysql.service");

     

       477
       +
             wantedBy = [ "multi-user.target" ];

     

       478
       +
             restartTriggers = [ package configFile ];

     

       479
       +
             path = [ pkgs.mariadb pkgs.unixtools.whereis pkgs.gnused ];

     

       480
       +
             serviceConfig = {

     

       481
       +
               Type = "oneshot";

     

       482
       +
               RemainAfterExit = true;

     

       483
       +
               EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];

     

       484
       +
               User = cfg.user;

     

       485
       +
               Group = cfg.group;

     

       486
       +
               ExecStartPre = lib.mkIf cfg.database.createLocally [ "!${pkgs.writeShellScript "librenms-db-init" ''

     

       487
       +
                 DB_PASSWORD=$(cat ${cfg.database.passwordFile} | tr -d '\n')

     

       488
       +
                 echo "ALTER USER '${cfg.database.username}'@'localhost' IDENTIFIED BY '$DB_PASSWORD';" | ${pkgs.mariadb}/bin/mysql

     

       489
       +
                 ${lib.optionalString cfg.useDistributedPollers ''

     

       490
       +
                   echo "ALTER USER '${cfg.database.username}'@'%' IDENTIFIED BY '$DB_PASSWORD';" | ${pkgs.mariadb}/bin/mysql

     

       491
       +
                 ''}

     

       492
       +
               ''}"];

     

       493
       +
             };

     

       494
       +
             script = ''

     

       495
       +
               set -euo pipefail

     

       496
       +
       

     

       497
       +
               # config setup

     

       498
       +
               ln -sf ${configFile} ${cfg.dataDir}/config.php

     

       499
       +
               ${pkgs.envsubst}/bin/envsubst -i ${configJson} -o ${cfg.dataDir}/config.json

     

       500
       +
               export PHPRC=${phpIni}

     

       501
       +
       

     

       502
       +
               if [[ ! -s ${cfg.dataDir}/.env ]]; then

     

       503
       +
                 # init .env file

     

       504
       +
                 echo "APP_KEY=" > ${cfg.dataDir}/.env

     

       505
       +
                 ${artisanWrapper}/bin/librenms-artisan key:generate --ansi

     

       506
       +
                 ${artisanWrapper}/bin/librenms-artisan webpush:vapid

     

       507
       +
                 echo "" >> ${cfg.dataDir}/.env

     

       508
       +
                 echo -n "NODE_ID=" >> ${cfg.dataDir}/.env

     

       509
       +
                 ${package.phpPackage}/bin/php -r "echo uniqid();" >> ${cfg.dataDir}/.env

     

       510
       +
                 echo "" >> ${cfg.dataDir}/.env

     

       511
       +
               else

     

       512
       +
                 # .env file already exists --> only update database and cache config

     

       513
       +
                 ${pkgs.gnused}/bin/sed -i /^DB_/d ${cfg.dataDir}/.env

     

       514
       +
                 ${pkgs.gnused}/bin/sed -i /^CACHE_DRIVER/d ${cfg.dataDir}/.env

     

       515
       +
               fi

     

       516
       +
               ${lib.optionalString (cfg.useDistributedPollers || cfg.distributedPoller.enable) ''

     

       517
       +
                 echo "CACHE_DRIVER=memcached" >> ${cfg.dataDir}/.env

     

       518
       +
               ''}

     

       519
       +
               echo "DB_HOST=${cfg.database.host}" >> ${cfg.dataDir}/.env

     

       520
       +
               echo "DB_PORT=${toString cfg.database.port}" >> ${cfg.dataDir}/.env

     

       521
       +
               echo "DB_DATABASE=${cfg.database.database}" >> ${cfg.dataDir}/.env

     

       522
       +
               echo "DB_USERNAME=${cfg.database.username}" >> ${cfg.dataDir}/.env

     

       523
       +
               echo -n "DB_PASSWORD=" >> ${cfg.dataDir}/.env

     

       524
       +
               cat ${cfg.database.passwordFile} >> ${cfg.dataDir}/.env

     

       525
       +
       

     

       526
       +
               # clear cache after update

     

       527
       +
               OLD_VERSION=$(cat ${cfg.dataDir}/version)

     

       528
       +
               if [[ $OLD_VERSION != "${package.version}" ]]; then

     

       529
       +
                 rm -r ${cfg.dataDir}/cache/*

     

       530
       +
                 echo "${package.version}" > ${cfg.dataDir}/version

     

       531
       +
               fi

     

       532
       +
       

     

       533
       +
               # convert rrd files when the oneMinutePolling option is changed

     

       534
       +
               OLD_ENABLED=$(cat ${cfg.dataDir}/one_minute_enabled)

     

       535
       +
               if [[ $OLD_ENABLED != "${lib.boolToString cfg.enableOneMinutePolling}" ]]; then

     

       536
       +
                 ${package}/scripts/rrdstep.php -h all

     

       537
       +
                 echo "${lib.boolToString cfg.enableOneMinutePolling}" > ${cfg.dataDir}/one_minute_enabled

     

       538
       +
               fi

     

       539
       +
       

     

       540
       +
               # migrate db

     

       541
       +
               ${artisanWrapper}/bin/librenms-artisan migrate --force --no-interaction

     

       542
       +
             '';

     

       543
       +
           };

     

       544
       +
       

     

       545
       +
           programs.mtr.enable = true;

     

       546
       +
       

     

       547
       +
           services.logrotate = {

     

       548
       +
             enable = true;

     

       549
       +
             settings."${cfg.logDir}/librenms.log" = {

     

       550
       +
               su = "${cfg.user} ${cfg.group}";

     

       551
       +
               create = "0640 ${cfg.user} ${cfg.group}";

     

       552
       +
               rotate = 6;

     

       553
       +
               frequency = "weekly";

     

       554
       +
               compress = true;

     

       555
       +
               delaycompress = true;

     

       556
       +
               missingok = true;

     

       557
       +
               notifempty = true;

     

       558
       +
             };

     

       559
       +
           };

     

       560
       +
       

     

       561
       +
           services.cron = {

     

       562
       +
             enable = true;

     

       563
       +
             systemCronJobs = let

     

       564
       +
               env = "PHPRC=${phpIni}";

     

       565
       +
             in [

     

       566
       +
               # based on crontab provided by LibreNMS

     

       567
       +
               "33 */6 * * * ${cfg.user} ${env} ${package}/cronic ${package}/discovery-wrapper.py 1"

     

       568
       +
               "*/5 * * * * ${cfg.user} ${env} ${package}/discovery.php -h new >> /dev/null 2>&1"

     

       569
       +
       

     

       570
       +
               "${if cfg.enableOneMinutePolling then "*" else "*/5"} * * * * ${cfg.user} ${env} ${package}/cronic ${package}/poller-wrapper.py ${toString cfg.pollerThreads}"

     

       571
       +
               "* * * * * ${cfg.user} ${env} ${package}/alerts.php >> /dev/null 2>&1"

     

       572
       +
       

     

       573
       +
               "*/5 * * * * ${cfg.user} ${env} ${package}/poll-billing.php >> /dev/null 2>&1"

     

       574
       +
               "01 * * * * ${cfg.user} ${env} ${package}/billing-calculate.php >> /dev/null 2>&1"

     

       575
       +
               "*/5 * * * * ${cfg.user} ${env} ${package}/check-services.php >> /dev/null 2>&1"

     

       576
       +
       

     

       577
       +
               # extra: fast ping

     

       578
       +
               "* * * * * ${cfg.user} ${env} ${package}/ping.php >> /dev/null 2>&1"

     

       579
       +
       

     

       580
       +
               # daily.sh tasks are split to exclude update

     

       581
       +
               "19 0 * * * ${cfg.user} ${env} ${package}/daily.sh cleanup >> /dev/null 2>&1"

     

       582
       +
               "19 0 * * * ${cfg.user} ${env} ${package}/daily.sh notifications >> /dev/null 2>&1"

     

       583
       +
               "19 0 * * * ${cfg.user} ${env} ${package}/daily.sh peeringdb >> /dev/null 2>&1"

     

       584
       +
               "19 0 * * * ${cfg.user} ${env} ${package}/daily.sh mac_oui >> /dev/null 2>&1"

     

       585
       +
             ];

     

       586
       +
           };

     

       587
       +
       

     

       588
       +
           security.wrappers = {

     

       589
       +
             fping = {

     

       590
       +
               setuid = true;

     

       591
       +
               owner = "root";

     

       592
       +
               group = "root";

     

       593
       +
               source = "${pkgs.fping}/bin/fping";

     

       594
       +
             };

     

       595
       +
           };

     

       596
       +
       

     

       597
       +
           environment.systemPackages = [ artisanWrapper lnmsWrapper ];

     

       598
       +
       

     

       599
       +
           systemd.tmpfiles.rules = [

     

       600
       +
             "d ${cfg.logDir}                               0750 ${cfg.user} ${cfg.group} - -"

     

       601
       +
             "f ${cfg.logDir}/librenms.log                  0640 ${cfg.user} ${cfg.group} - -"

     

       602
       +
             "d ${cfg.dataDir}                              0750 ${cfg.user} ${cfg.group} - -"

     

       603
       +
             "f ${cfg.dataDir}/.env                         0600 ${cfg.user} ${cfg.group} - -"

     

       604
       +
             "f ${cfg.dataDir}/version                      0600 ${cfg.user} ${cfg.group} - -"

     

       605
       +
             "f ${cfg.dataDir}/one_minute_enabled           0600 ${cfg.user} ${cfg.group} - -"

     

       606
       +
             "f ${cfg.dataDir}/config.json                  0600 ${cfg.user} ${cfg.group} - -"

     

       607
       +
             "d ${cfg.dataDir}/storage                      0700 ${cfg.user} ${cfg.group} - -"

     

       608
       +
             "d ${cfg.dataDir}/storage/app                  0700 ${cfg.user} ${cfg.group} - -"

     

       609
       +
             "d ${cfg.dataDir}/storage/debugbar             0700 ${cfg.user} ${cfg.group} - -"

     

       610
       +
             "d ${cfg.dataDir}/storage/framework            0700 ${cfg.user} ${cfg.group} - -"

     

       611
       +
             "d ${cfg.dataDir}/storage/framework/cache      0700 ${cfg.user} ${cfg.group} - -"

     

       612
       +
             "d ${cfg.dataDir}/storage/framework/sessions   0700 ${cfg.user} ${cfg.group} - -"

     

       613
       +
             "d ${cfg.dataDir}/storage/framework/views      0700 ${cfg.user} ${cfg.group} - -"

     

       614
       +
             "d ${cfg.dataDir}/storage/logs                 0700 ${cfg.user} ${cfg.group} - -"

     

       615
       +
             "d ${cfg.dataDir}/rrd                          0700 ${cfg.user} ${cfg.group} - -"

     

       616
       +
             "d ${cfg.dataDir}/cache                        0700 ${cfg.user} ${cfg.group} - -"

     

       617
       +
           ] ++ lib.optionals cfg.useDistributedPollers [

     

       618
       +
             "d ${cfg.dataDir}/rrdcached-journal            0700 ${cfg.user} ${cfg.group} - -"

     

       619
       +
           ];

     

       620
       +
       

     

       621
       +
         };

     

       622
       +
       

     

       623
       +
         meta.maintainers = lib.teams.wdz.members;

     

       624
       +
       }

+95

nixos/modules/services/security/tang.nix

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       with lib;

     

       3
       +
       let

     

       4
       +
         cfg = config.services.tang;

     

       5
       +
       in

     

       6
       +
       {

     

       7
       +
         options.services.tang = {

     

       8
       +
           enable = mkEnableOption "tang";

     

       9
       +
       

     

       10
       +
           package = mkOption {

     

       11
       +
             type = types.package;

     

       12
       +
             default = pkgs.tang;

     

       13
       +
             defaultText = literalExpression "pkgs.tang";

     

       14
       +
             description = mdDoc "The tang package to use.";

     

       15
       +
           };

     

       16
       +
       

     

       17
       +
           listenStream = mkOption {

     

       18
       +
             type = with types; listOf str;

     

       19
       +
             default = [ "7654" ];

     

       20
       +
             example = [ "198.168.100.1:7654" "[2001:db8::1]:7654" "7654" ];

     

       21
       +
             description = mdDoc ''

     

       22
       +
               Addresses and/or ports on which tang should listen.

     

       23
       +
               For detailed syntax see ListenStream in {manpage}`systemd.socket(5)`.

     

       24
       +
             '';

     

       25
       +
           };

     

       26
       +
       

     

       27
       +
           ipAddressAllow = mkOption {

     

       28
       +
             example = [ "192.168.1.0/24" ];

     

       29
       +
             type = types.listOf types.str;

     

       30
       +
             description = ''

     

       31
       +
               Whitelist a list of address prefixes.

     

       32
       +
               Preferably, internal addresses should be used.

     

       33
       +
             '';

     

       34
       +
           };

     

       35
       +
       

     

       36
       +
         };

     

       37
       +
         config = mkIf cfg.enable {

     

       38
       +
           environment.systemPackages = [ cfg.package ];

     

       39
       +
       

     

       40
       +
           systemd.services."tangd@" = {

     

       41
       +
             description = "Tang server";

     

       42
       +
             path = [ cfg.package ];

     

       43
       +
             serviceConfig = {

     

       44
       +
               StandardInput = "socket";

     

       45
       +
               StandardOutput = "socket";

     

       46
       +
               StandardError = "journal";

     

       47
       +
               DynamicUser = true;

     

       48
       +
               StateDirectory = "tang";

     

       49
       +
               RuntimeDirectory = "tang";

     

       50
       +
               StateDirectoryMode = "700";

     

       51
       +
               UMask = "0077";

     

       52
       +
               CapabilityBoundingSet = [ "" ];

     

       53
       +
               ExecStart = "${cfg.package}/libexec/tangd %S/tang";

     

       54
       +
               LockPersonality = true;

     

       55
       +
               MemoryDenyWriteExecute = true;

     

       56
       +
               NoNewPrivileges = true;

     

       57
       +
               DeviceAllow = [ "/dev/stdin" ];

     

       58
       +
               RestrictAddressFamilies = [ "AF_UNIX" ];

     

       59
       +
               DevicePolicy = "strict";

     

       60
       +
               PrivateDevices = true;

     

       61
       +
               PrivateTmp = true;

     

       62
       +
               PrivateUsers = true;

     

       63
       +
               ProcSubset = "pid";

     

       64
       +
               ProtectClock = true;

     

       65
       +
               ProtectControlGroups = true;

     

       66
       +
               ProtectHome = true;

     

       67
       +
               ProtectHostname = true;

     

       68
       +
               ProtectKernelLogs = true;

     

       69
       +
               ProtectKernelModules = true;

     

       70
       +
               ProtectKernelTunables = true;

     

       71
       +
               ProtectProc = "invisible";

     

       72
       +
               ProtectSystem = "strict";

     

       73
       +
               RestrictNamespaces = true;

     

       74
       +
               RestrictRealtime = true;

     

       75
       +
               RestrictSUIDSGID = true;

     

       76
       +
               SystemCallArchitectures = "native";

     

       77
       +
               SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];

     

       78
       +
               IPAddressDeny = "any";

     

       79
       +
               IPAddressAllow = cfg.ipAddressAllow;

     

       80
       +
             };

     

       81
       +
           };

     

       82
       +
       

     

       83
       +
           systemd.sockets.tangd = {

     

       84
       +
             description = "Tang server";

     

       85
       +
             wantedBy = [ "sockets.target" ];

     

       86
       +
             socketConfig = {

     

       87
       +
               ListenStream = cfg.listenStream;

     

       88
       +
               Accept = "yes";

     

       89
       +
               IPAddressDeny = "any";

     

       90
       +
               IPAddressAllow = cfg.ipAddressAllow;

     

       91
       +
             };

     

       92
       +
           };

     

       93
       +
         };

     

       94
       +
         meta.maintainers = with lib.maintainers; [ jfroche julienmalka ];

     

       95
       +
       }

nixos/tests/all-tests.nix

···

       433
        
         lemmy = handleTest ./lemmy.nix {};

     

       434
        
         libinput = handleTest ./libinput.nix {};

     

       435
        
         libreddit = handleTest ./libreddit.nix {};

     

       0
        
       
     

       436
        
         libresprite = handleTest ./libresprite.nix {};

     

       437
        
         libreswan = handleTest ./libreswan.nix {};

     

       438
        
         librewolf = handleTest ./firefox.nix { firefoxPackage = pkgs.librewolf; };

     
···

       807
        
         systemd-userdbd = handleTest ./systemd-userdbd.nix {};

     

       808
        
         systemd-homed = handleTest ./systemd-homed.nix {};

     

       809
        
         tandoor-recipes = handleTest ./tandoor-recipes.nix {};

     

       0
        
       
     

       810
        
         taskserver = handleTest ./taskserver.nix {};

     

       811
        
         tayga = handleTest ./tayga.nix {};

     

       812
        
         teeworlds = handleTest ./teeworlds.nix {};

···

       433
        
         lemmy = handleTest ./lemmy.nix {};

     

       434
        
         libinput = handleTest ./libinput.nix {};

     

       435
        
         libreddit = handleTest ./libreddit.nix {};

     

       436
       +
         librenms = handleTest ./librenms.nix {};

     

       437
        
         libresprite = handleTest ./libresprite.nix {};

     

       438
        
         libreswan = handleTest ./libreswan.nix {};

     

       439
        
         librewolf = handleTest ./firefox.nix { firefoxPackage = pkgs.librewolf; };

     
···

       808
        
         systemd-userdbd = handleTest ./systemd-userdbd.nix {};

     

       809
        
         systemd-homed = handleTest ./systemd-homed.nix {};

     

       810
        
         tandoor-recipes = handleTest ./tandoor-recipes.nix {};

     

       811
       +
         tang = handleTest ./tang.nix {};

     

       812
        
         taskserver = handleTest ./taskserver.nix {};

     

       813
        
         tayga = handleTest ./tayga.nix {};

     

       814
        
         teeworlds = handleTest ./teeworlds.nix {};

+108

nixos/tests/librenms.nix

···

       1
       +
       import ./make-test-python.nix ({ pkgs, lib, ... }:

     

       2
       +
       

     

       3
       +
       let

     

       4
       +
         api_token = "f87f42114e44b63ad1b9e3c3d33d6fbe"; # random md5 hash

     

       5
       +
         wrong_api_token = "e68ba041fcf1eab923a7a6de3af5f726"; # another random md5 hash

     

       6
       +
       in {

     

       7
       +
         name = "librenms";

     

       8
       +
         meta.maintainers = lib.teams.wdz.members;

     

       9
       +
       

     

       10
       +
         nodes.librenms = {

     

       11
       +
           time.timeZone = "Europe/Berlin";

     

       12
       +
       

     

       13
       +
           environment.systemPackages = with pkgs; [

     

       14
       +
             curl

     

       15
       +
             jq

     

       16
       +
           ];

     

       17
       +
       

     

       18
       +
           services.librenms = {

     

       19
       +
             enable = true;

     

       20
       +
             hostname = "librenms";

     

       21
       +
             database = {

     

       22
       +
               createLocally = true;

     

       23
       +
               host = "localhost";

     

       24
       +
               database = "librenms";

     

       25
       +
               username = "librenms";

     

       26
       +
               passwordFile = pkgs.writeText "librenms-db-pass" "librenmsdbpass";

     

       27
       +
             };

     

       28
       +
             nginx = {

     

       29
       +
               default = true;

     

       30
       +
             };

     

       31
       +
             enableOneMinutePolling = true;

     

       32
       +
             settings = {

     

       33
       +
               enable_billing = true;

     

       34
       +
             };

     

       35
       +
           };

     

       36
       +
       

     

       37
       +
           # systemd oneshot to create a dummy admin user and a API token for testing

     

       38
       +
           systemd.services.lnms-api-init = {

     

       39
       +
             description = "LibreNMS API init";

     

       40
       +
             after = [ "librenms-setup.service" ];

     

       41
       +
             wantedBy = [ "multi-user.target" ];

     

       42
       +
             serviceConfig = {

     

       43
       +
               Type = "oneshot";

     

       44
       +
               RemainAfterExit = true;

     

       45
       +
               User = "root";

     

       46
       +
               Group = "root";

     

       47
       +
             };

     

       48
       +
             script = ''

     

       49
       +
               API_USER_NAME=api

     

       50
       +
               API_TOKEN=${api_token} # random md5 hash

     

       51
       +
       

     

       52
       +
               # we don't need to know the password, it just has to exist

     

       53
       +
               API_USER_PASS=$(${pkgs.pwgen}/bin/pwgen -s 64 1)

     

       54
       +
               ${pkgs.librenms}/artisan user:add $API_USER_NAME -r admin -p $API_USER_PASS

     

       55
       +
               API_USER_ID=$(${pkgs.mariadb}/bin/mysql -D librenms -N -B -e "SELECT user_id FROM users WHERE username = '$API_USER_NAME';")

     

       56
       +
       

     

       57
       +
               ${pkgs.mariadb}/bin/mysql -D librenms -e "INSERT INTO api_tokens (user_id, token_hash, description) VALUES ($API_USER_ID, '$API_TOKEN', 'API User')"

     

       58
       +
             '';

     

       59
       +
           };

     

       60
       +
         };

     

       61
       +
       

     

       62
       +
         nodes.snmphost = {

     

       63
       +
           networking.firewall.allowedUDPPorts = [ 161 ];

     

       64
       +
       

     

       65
       +
           systemd.services.snmpd = {

     

       66
       +
             description = "snmpd";

     

       67
       +
             after = [ "network-online.target" ];

     

       68
       +
             wants = [ "network-online.target" ];

     

       69
       +
             wantedBy = [ "multi-user.target" ];

     

       70
       +
             serviceConfig = {

     

       71
       +
               Type = "forking";

     

       72
       +
               User = "root";

     

       73
       +
               Group = "root";

     

       74
       +
               ExecStart = let

     

       75
       +
                 snmpd-config = pkgs.writeText "snmpd-config" ''

     

       76
       +
                   com2sec readonly default public

     

       77
       +
       

     

       78
       +
                   group MyROGroup v2c        readonly

     

       79
       +
                   view all    included  .1                               80

     

       80
       +
                   access MyROGroup ""      any       noauth    exact  all    none   none

     

       81
       +
       

     

       82
       +
                   syslocation Testcity, Testcountry

     

       83
       +
                   syscontact Testi mc Test <test@example.com>

     

       84
       +
                 '';

     

       85
       +
               in "${pkgs.net-snmp}/bin/snmpd -c ${snmpd-config} -C";

     

       86
       +
             };

     

       87
       +
           };

     

       88
       +
         };

     

       89
       +
       

     

       90
       +
         testScript = ''

     

       91
       +
           start_all()

     

       92
       +
       

     

       93
       +
           snmphost.wait_until_succeeds("pgrep snmpd")

     

       94
       +
       

     

       95
       +
           librenms.wait_for_unit("lnms-api-init.service")

     

       96
       +
           librenms.wait_for_open_port(80)

     

       97
       +
       

     

       98
       +
           # Test that we can authenticate against the API

     

       99
       +
           librenms.succeed("curl --fail -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0")

     

       100
       +
           librenms.fail("curl --fail -H 'X-Auth-Token: ${wrong_api_token}' http://localhost/api/v0")

     

       101
       +
       

     

       102
       +
           # add snmphost as a device

     

       103
       +
           librenms.succeed("curl --fail -X POST -d '{\"hostname\":\"snmphost\",\"version\":\"v2c\",\"community\":\"public\"}' -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices")

     

       104
       +
       

     

       105
       +
           # wait until snmphost gets polled

     

       106
       +
           librenms.wait_until_succeeds("test $(curl -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices/snmphost | jq -Mr .devices[0].last_polled) != 'null'")

     

       107
       +
         '';

     

       108
       +
       })

+81

nixos/tests/tang.nix

···

       1
       +
       import ./make-test-python.nix ({ pkgs, ... }: {

     

       2
       +
         name = "tang";

     

       3
       +
         meta = with pkgs.lib.maintainers; {

     

       4
       +
           maintainers = [ jfroche ];

     

       5
       +
         };

     

       6
       +
       

     

       7
       +
         nodes.server =

     

       8
       +
           { config

     

       9
       +
           , pkgs

     

       10
       +
           , modulesPath

     

       11
       +
           , ...

     

       12
       +
           }: {

     

       13
       +
             imports = [

     

       14
       +
               "${modulesPath}/../tests/common/auto-format-root-device.nix"

     

       15
       +
             ];

     

       16
       +
             virtualisation = {

     

       17
       +
               emptyDiskImages = [ 512 ];

     

       18
       +
               useBootLoader = true;

     

       19
       +
               useEFIBoot = true;

     

       20
       +
               # This requires to have access

     

       21
       +
               # to a host Nix store as

     

       22
       +
               # the new root device is /dev/vdb

     

       23
       +
               # an empty 512MiB drive, containing no Nix store.

     

       24
       +
               mountHostNixStore = true;

     

       25
       +
             };

     

       26
       +
       

     

       27
       +
             boot.loader.systemd-boot.enable = true;

     

       28
       +
       

     

       29
       +
             networking.interfaces.eth1.ipv4.addresses = [

     

       30
       +
               { address = "192.168.0.1"; prefixLength = 24; }

     

       31
       +
             ];

     

       32
       +
       

     

       33
       +
             environment.systemPackages = with pkgs; [ clevis tang cryptsetup ];

     

       34
       +
             services.tang = {

     

       35
       +
               enable = true;

     

       36
       +
               ipAddressAllow = [ "127.0.0.1/32" ];

     

       37
       +
             };

     

       38
       +
           };

     

       39
       +
         testScript = ''

     

       40
       +
           start_all()

     

       41
       +
           machine.wait_for_unit("sockets.target")

     

       42
       +
       

     

       43
       +
           with subtest("Check keys are generated"):

     

       44
       +
             machine.wait_until_succeeds("curl -v http://127.0.0.1:7654/adv")

     

       45
       +
             key = machine.wait_until_succeeds("tang-show-keys 7654")

     

       46
       +
       

     

       47
       +
           with subtest("Check systemd access list"):

     

       48
       +
             machine.succeed("ping -c 3 192.168.0.1")

     

       49
       +
             machine.fail("curl -v --connect-timeout 3 http://192.168.0.1:7654/adv")

     

       50
       +
       

     

       51
       +
           with subtest("Check basic encrypt and decrypt message"):

     

       52
       +
             machine.wait_until_succeeds(f"""echo 'Hello World' | clevis encrypt tang '{{ "url": "http://127.0.0.1:7654", "thp":"{key}"}}' > /tmp/encrypted""")

     

       53
       +
             decrypted = machine.wait_until_succeeds("clevis decrypt < /tmp/encrypted")

     

       54
       +
             assert decrypted.strip() == "Hello World"

     

       55
       +
             machine.wait_until_succeeds("tang-show-keys 7654")

     

       56
       +
       

     

       57
       +
           with subtest("Check encrypt and decrypt disk"):

     

       58
       +
             machine.succeed("cryptsetup luksFormat --force-password --batch-mode /dev/vdb <<<'password'")

     

       59
       +
             machine.succeed(f"""clevis luks bind -s1 -y -f -d /dev/vdb tang '{{ "url": "http://127.0.0.1:7654", "thp":"{key}" }}' <<< 'password' """)

     

       60
       +
             clevis_luks = machine.succeed("clevis luks list -d /dev/vdb")

     

       61
       +
             assert clevis_luks.strip() == """1: tang '{"url":"http://127.0.0.1:7654"}'"""

     

       62
       +
             machine.succeed("clevis luks unlock -d /dev/vdb")

     

       63
       +
             machine.succeed("find /dev/mapper -name 'luks*' -exec cryptsetup close {} +")

     

       64
       +
             machine.succeed("clevis luks unlock -d /dev/vdb")

     

       65
       +
             machine.succeed("find /dev/mapper -name 'luks*' -exec cryptsetup close {} +")

     

       66
       +
             # without tang available, unlock should fail

     

       67
       +
             machine.succeed("systemctl stop tangd.socket")

     

       68
       +
             machine.fail("clevis luks unlock -d /dev/vdb")

     

       69
       +
             machine.succeed("systemctl start tangd.socket")

     

       70
       +
       

     

       71
       +
           with subtest("Rotate server keys"):

     

       72
       +
             machine.succeed("${pkgs.tang}/libexec/tangd-rotate-keys -d /var/lib/tang")

     

       73
       +
             machine.succeed("clevis luks unlock -d /dev/vdb")

     

       74
       +
             machine.succeed("find /dev/mapper -name 'luks*' -exec cryptsetup close {} +")

     

       75
       +
       

     

       76
       +
           with subtest("Test systemd service security"):

     

       77
       +
               output = machine.succeed("systemd-analyze security tangd@.service")

     

       78
       +
               machine.log(output)

     

       79
       +
               assert output[-9:-1] == "SAFE :-}"

     

       80
       +
         '';

     

       81
       +
       })

+1 -1

pkgs/applications/audio/mbrola/default.nix

···

       7
        
         meta = with lib; {

     

       8
        
           license = licenses.agpl3Plus;

     

       9
        
           maintainers = with maintainers; [ davidak ];

     

       10
       -
           platforms = platforms.linux;

     

       11
        
           description = "Speech synthesizer based on the concatenation of diphones";

     

       12
        
           homepage = "https://github.com/numediart/MBROLA";

     

       13
        
         };

···

       7
        
         meta = with lib; {

     

       8
        
           license = licenses.agpl3Plus;

     

       9
        
           maintainers = with maintainers; [ davidak ];

     

       10
       +
           platforms = platforms.all;

     

       11
        
           description = "Speech synthesizer based on the concatenation of diphones";

     

       12
        
           homepage = "https://github.com/numediart/MBROLA";

     

       13
        
         };

-110

pkgs/applications/misc/simplenote/default.nix

···

       1
       -
       { autoPatchelfHook

     

       2
       -
       , dpkg

     

       3
       -
       , fetchurl

     

       4
       -
       , makeDesktopItem

     

       5
       -
       , makeWrapper

     

       6
       -
       , lib

     

       7
       -
       , stdenv

     

       8
       -
       , udev

     

       9
       -
       , alsa-lib

     

       10
       -
       , mesa

     

       11
       -
       , nss

     

       12
       -
       , nspr

     

       13
       -
       , systemd

     

       14
       -
       , wrapGAppsHook

     

       15
       -
       , xorg

     

       16
       -
       }:

     

       17
       -
       

     

       18
       -
       let

     

       19
       -
         inherit (stdenv.hostPlatform) system;

     

       20
       -
       

     

       21
       -
         throwSystem = throw "Unsupported system: ${system}";

     

       22
       -
       

     

       23
       -
         pname = "simplenote";

     

       24
       -
       

     

       25
       -
         version = "2.9.0";

     

       26
       -
       

     

       27
       -
         sha256 = {

     

       28
       -
           x86_64-linux = "sha256-uwd9fYqZepJ/BBttprqkJhswqMepGsHDTd5Md9gjI68=";

     

       29
       -
         }.${system} or throwSystem;

     

       30
       -
       

     

       31
       -
         meta = with lib; {

     

       32
       -
           description = "The simplest way to keep notes";

     

       33
       -
           homepage = "https://github.com/Automattic/simplenote-electron";

     

       34
       -
           license = licenses.gpl2;

     

       35
       -
           sourceProvenance = with sourceTypes; [ binaryNativeCode ];

     

       36
       -
           maintainers = with maintainers; [

     

       37
       -
             kiwi

     

       38
       -
           ];

     

       39
       -
           platforms = [

     

       40
       -
             "x86_64-linux"

     

       41
       -
           ];

     

       42
       -
         };

     

       43
       -
       

     

       44
       -
         linux = stdenv.mkDerivation rec {

     

       45
       -
           inherit pname version meta;

     

       46
       -
       

     

       47
       -
           src = fetchurl {

     

       48
       -
             url = "https://github.com/Automattic/simplenote-electron/releases/download/v${version}/Simplenote-linux-${version}-amd64.deb";

     

       49
       -
             inherit sha256;

     

       50
       -
           };

     

       51
       -
       

     

       52
       -
           desktopItem = makeDesktopItem {

     

       53
       -
             categories = [ "Development" ];

     

       54
       -
             comment = "Simplenote for Linux";

     

       55
       -
             desktopName = "Simplenote";

     

       56
       -
             exec = "simplenote %U";

     

       57
       -
             icon = "simplenote";

     

       58
       -
             name = "simplenote";

     

       59
       -
             startupNotify = true;

     

       60
       -
           };

     

       61
       -
       

     

       62
       -
           dontBuild = true;

     

       63
       -
           dontConfigure = true;

     

       64
       -
           dontPatchELF = true;

     

       65
       -
           dontWrapGApps = true;

     

       66
       -
       

     

       67
       -
           # TODO: migrate off autoPatchelfHook and use nixpkgs' electron

     

       68
       -
           nativeBuildInputs = [

     

       69
       -
             autoPatchelfHook

     

       70
       -
             dpkg

     

       71
       -
             makeWrapper

     

       72
       -
             wrapGAppsHook

     

       73
       -
           ];

     

       74
       -
       

     

       75
       -
           buildInputs = [

     

       76
       -
             alsa-lib

     

       77
       -
             mesa

     

       78
       -
             xorg.libXScrnSaver

     

       79
       -
             xorg.libXtst

     

       80
       -
             nss

     

       81
       -
             nspr

     

       82
       -
             stdenv.cc.cc

     

       83
       -
             systemd

     

       84
       -
           ];

     

       85
       -
       

     

       86
       -
           unpackPhase = "dpkg-deb -x $src .";

     

       87
       -
       

     

       88
       -
           installPhase = ''

     

       89
       -
             mkdir -p "$out/bin"

     

       90
       -
             cp -R "opt" "$out"

     

       91
       -
             cp -R "usr/share" "$out/share"

     

       92
       -
             chmod -R g-w "$out"

     

       93
       -
       

     

       94
       -
             mkdir -p "$out/share/applications"

     

       95
       -
             cp "${desktopItem}/share/applications/"* "$out/share/applications"

     

       96
       -
           '';

     

       97
       -
       

     

       98
       -
           runtimeDependencies = [

     

       99
       -
             (lib.getLib udev)

     

       100
       -
           ];

     

       101
       -
       

     

       102
       -
           postFixup = ''

     

       103
       -
             makeWrapper $out/opt/Simplenote/simplenote $out/bin/simplenote \

     

       104
       -
               --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ stdenv.cc.cc ] }" \

     

       105
       -
               "''${gappsWrapperArgs[@]}"

     

       106
       -
           '';

     

       107
       -
         };

     

       108
       -
       

     

       109
       -
       in

     

       110
       -
       linux

+23 -1

pkgs/applications/networking/browsers/chromium/common.nix

···

       1
        
       { stdenv, lib, fetchurl, fetchpatch

     

       0
        
       
     

       2
        
       , buildPackages

     

       3
        
       , pkgsBuildBuild

     

       4
        
       , pkgsBuildTarget

     
···

       152
        
           inherit (upstream-info) version;

     

       153
        
           inherit packageName buildType buildPath;

     

       154
        
       

     

       155
       -
           src = fetchurl {

     

       0
        
       
     

       156
        
             url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz";

     

       157
        
             inherit (upstream-info) sha256;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       158
        
           };

     

       159
        
       

     

       160
        
           nativeBuildInputs = [

···

       1
        
       { stdenv, lib, fetchurl, fetchpatch

     

       2
       +
       , fetchzip, zstd

     

       3
        
       , buildPackages

     

       4
        
       , pkgsBuildBuild

     

       5
        
       , pkgsBuildTarget

     
···

       153
        
           inherit (upstream-info) version;

     

       154
        
           inherit packageName buildType buildPath;

     

       155
        
       

     

       156
       +
           src = fetchzip {

     

       157
       +
             name = "chromium-${version}.tar.zstd";

     

       158
        
             url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz";

     

       159
        
             inherit (upstream-info) sha256;

     

       160
       +
       

     

       161
       +
             nativeBuildInputs = [ zstd ];

     

       162
       +
       

     

       163
       +
             postFetch = ''

     

       164
       +
               echo removing unused code from tarball to stay under hydra limit

     

       165
       +
               rm -r $out/third_party/{rust-src,llvm}

     

       166
       +
       

     

       167
       +
               echo moving remains out of \$out

     

       168
       +
               mv $out source

     

       169
       +
       

     

       170
       +
               echo recompressing final contents into new tarball

     

       171
       +
               # try to make a deterministic tarball

     

       172
       +
               tar \

     

       173
       +
                 --use-compress-program "zstd -T$NIX_BUILD_CORES" \

     

       174
       +
                 --sort name \

     

       175
       +
                 --mtime 1970-01-01 \

     

       176
       +
                 --owner=root --group=root \

     

       177
       +
                 --numeric-owner --mode=go=rX,u+rw,a-s \

     

       178
       +
                 -cf $out source

     

       179
       +
             '';

     

       180
        
           };

     

       181
        
       

     

       182
        
           nativeBuildInputs = [

+4 -4

pkgs/applications/networking/browsers/chromium/upstream-info.nix

···

       8
        
               version = "2023-08-01";

     

       9
        
             };

     

       10
        
           };

     

       11
       -
           sha256 = "1wf0j189cxpayy6ffmj5j6h5yg3amivryilimjc2ap0jkyj4xrbi";

     

       12
        
           sha256bin64 = "11w1di146mjb9ql30df9yk9x4b9amc6514jzyfbf09mqsrw88dvr";

     

       13
        
           version = "117.0.5938.22";

     

       14
        
         };

     
···

       21
        
               version = "2023-08-10";

     

       22
        
             };

     

       23
        
           };

     

       24
       -
           sha256 = "1z01b6w4sgndrlcd26jgimk3rhv3wzpn67nv1fd5ln7dwfwkyq20";

     

       25
        
           sha256bin64 = "11y09hsy7y1vg65xfilq44ffsmn15dqy80fa57psj1kin4a52v2x";

     

       26
        
           version = "118.0.5966.0";

     

       27
        
         };

     
···

       41
        
               version = "2023-08-10";

     

       42
        
             };

     

       43
        
           };

     

       44
       -
           sha256 = "0gcrnvm3ar7x0fv38kjvdzgb8lflx1sckcqy89yawgfy6jkh1vj9";

     

       45
        
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       46
        
           version = "118.0.5993.70";

     

       47
        
         };

     
···

       58
        
               sha256 = "0k6684cy1ks6yba2bdz17g244f05qy9769cvis4h2jzhgbf5rysh";

     

       59
        
             };

     

       60
        
           };

     

       61
       -
           sha256 = "0gcrnvm3ar7x0fv38kjvdzgb8lflx1sckcqy89yawgfy6jkh1vj9";

     

       62
        
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       63
        
           version = "118.0.5993.70";

     

       64
        
         };

···

       8
        
               version = "2023-08-01";

     

       9
        
             };

     

       10
        
           };

     

       11
       +
           sha256 = "0c3adrrgpnhm8g1546ask9pf17qj1sjgb950mj0rv4snxvddi75j";

     

       12
        
           sha256bin64 = "11w1di146mjb9ql30df9yk9x4b9amc6514jzyfbf09mqsrw88dvr";

     

       13
        
           version = "117.0.5938.22";

     

       14
        
         };

     
···

       21
        
               version = "2023-08-10";

     

       22
        
             };

     

       23
        
           };

     

       24
       +
           sha256 = "16dq27lsywrn2xlgr5g46gdv15p30sihfamli4vkv3zxzfxdjisv";

     

       25
        
           sha256bin64 = "11y09hsy7y1vg65xfilq44ffsmn15dqy80fa57psj1kin4a52v2x";

     

       26
        
           version = "118.0.5966.0";

     

       27
        
         };

     
···

       41
        
               version = "2023-08-10";

     

       42
        
             };

     

       43
        
           };

     

       44
       +
           sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp";

     

       45
        
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       46
        
           version = "118.0.5993.70";

     

       47
        
         };

     
···

       58
        
               sha256 = "0k6684cy1ks6yba2bdz17g244f05qy9769cvis4h2jzhgbf5rysh";

     

       59
        
             };

     

       60
        
           };

     

       61
       +
           sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp";

     

       62
        
           sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484";

     

       63
        
           version = "118.0.5993.70";

     

       64
        
         };

+11 -5

pkgs/build-support/fetchgit/nix-prefetch-git

···

       257
        
           cd "$repo"

     

       258
        
           # Remove files that contain timestamps or otherwise have non-deterministic

     

       259
        
           # properties.

     

       260
       -
           rm -rf .git/logs/ .git/hooks/ .git/index .git/FETCH_HEAD .git/ORIG_HEAD \

     

       261
       -
               .git/refs/remotes/origin/HEAD .git/config

     

       262
       -
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       263
        
           # Remove all remote branches.

     

       264
        
           git branch -r | while read -r branch; do

     

       265
        
               clean_git branch -rD "$branch"

     
···

       277
        
           # Do a full repack. Must run single-threaded, or else we lose determinism.

     

       278
        
           clean_git config pack.threads 1

     

       279
        
           clean_git repack -A -d -f

     

       280
       -
           rm -f .git/config

     

       281
        
       

     

       282
        
           # Garbage collect unreferenced objects.

     

       283
        
           # Note: --keep-largest-pack prevents non-deterministic ordering of packs

     
···

       323
        
               find "$dir" -name .git -print0 | xargs -0 rm -rf

     

       324
        
           else

     

       325
        
               find "$dir" -name .git | while read -r gitdir; do

     

       326
       -
                   make_deterministic_repo "$(readlink -f "$gitdir/..")"

     

       327
        
               done

     

       328
        
           fi

     

       329
        
       }

···

       257
        
           cd "$repo"

     

       258
        
           # Remove files that contain timestamps or otherwise have non-deterministic

     

       259
        
           # properties.

     

       260
       +
           if [ -f .git ]; then

     

       261
       +
       	local dotgit_content=$(<.git)

     

       262
       +
       	local dotgit_dir="${dotgit_content#gitdir: }"

     

       263
       +
           else

     

       264
       +
       	local dotgit_dir=".git"

     

       265
       +
           fi

     

       266
       +
           pushd "$dotgit_dir"

     

       267
       +
               rm -rf logs/ hooks/ index FETCH_HEAD ORIG_HEAD refs/remotes/origin/HEAD config

     

       268
       +
           popd

     

       269
        
           # Remove all remote branches.

     

       270
        
           git branch -r | while read -r branch; do

     

       271
        
               clean_git branch -rD "$branch"

     
···

       283
        
           # Do a full repack. Must run single-threaded, or else we lose determinism.

     

       284
        
           clean_git config pack.threads 1

     

       285
        
           clean_git repack -A -d -f

     

       286
       +
           rm -f "$dotgit_dir/config"

     

       287
        
       

     

       288
        
           # Garbage collect unreferenced objects.

     

       289
        
           # Note: --keep-largest-pack prevents non-deterministic ordering of packs

     
···

       329
        
               find "$dir" -name .git -print0 | xargs -0 rm -rf

     

       330
        
           else

     

       331
        
               find "$dir" -name .git | while read -r gitdir; do

     

       332
       +
                   make_deterministic_repo "$(readlink -f "$(dirname "$gitdir")")"

     

       333
        
               done

     

       334
        
           fi

     

       335
        
       }

+6 -6

pkgs/by-name/wa/waycheck/package.nix

···

       10
        
       , wrapGAppsHook

     

       11
        
       }:

     

       12
        
       

     

       13
       -
       stdenv.mkDerivation rec {

     

       14
        
         pname = "waycheck";

     

       15
       -
         version = "0.1.3";

     

       16
        
       

     

       17
        
         src = fetchFromGitLab {

     

       18
        
           domain = "gitlab.freedesktop.org";

     

       19
        
           owner = "serebit";

     

       20
        
           repo = "waycheck";

     

       21
       -
           rev = "v${version}";

     

       22
       -
           hash = "sha256-DbXc1Q/ZIqlIMocFld3fOmUp44rU3fEzazHKSDdqMNs=";

     

       23
        
         };

     

       24
        
       

     

       25
        
         nativeBuildInputs = [

     
···

       51
        
           description = "Simple GUI that displays the protocols implemented by a Wayland compositor";

     

       52
        
           homepage = "https://gitlab.freedesktop.org/serebit/waycheck";

     

       53
        
           license = licenses.asl20;

     

       54
       -
           maintainers = with maintainers; [ julienmalka ];

     

       55
        
           mainProgram = "waycheck";

     

       56
        
           platforms = platforms.linux;

     

       57
        
         };

     

       58
       -
       }

···

       10
        
       , wrapGAppsHook

     

       11
        
       }:

     

       12
        
       

     

       13
       +
       stdenv.mkDerivation (finalAttrs: {

     

       14
        
         pname = "waycheck";

     

       15
       +
         version = "1.0.0";

     

       16
        
       

     

       17
        
         src = fetchFromGitLab {

     

       18
        
           domain = "gitlab.freedesktop.org";

     

       19
        
           owner = "serebit";

     

       20
        
           repo = "waycheck";

     

       21
       +
           rev = "v${finalAttrs.version}";

     

       22
       +
           hash = "sha256-oGpiFwbPBQHF0wRHliltU8B+QmClcoFfbjpAYzOFPqs=";

     

       23
        
         };

     

       24
        
       

     

       25
        
         nativeBuildInputs = [

     
···

       51
        
           description = "Simple GUI that displays the protocols implemented by a Wayland compositor";

     

       52
        
           homepage = "https://gitlab.freedesktop.org/serebit/waycheck";

     

       53
        
           license = licenses.asl20;

     

       54
       +
           maintainers = with maintainers; [ julienmalka federicoschonborn ];

     

       55
        
           mainProgram = "waycheck";

     

       56
        
           platforms = platforms.linux;

     

       57
        
         };

     

       58
       +
       })

+6 -6

pkgs/data/misc/xorg-rgb/default.nix

···

       1
        
       { lib, stdenv, fetchurl, pkg-config, xorgproto }:

     

       2
        
       

     

       3
       -
       stdenv.mkDerivation rec {

     

       4
        
         pname = "rgb";

     

       5
       -
         version = "1.0.6";

     

       6
        
       

     

       7
        
         src = fetchurl {

     

       8
       -
           url = "https://xorg.freedesktop.org/archive/individual/app/rgb-${version}.tar.bz2";

     

       9
       -
           sha256 = "1c76zcjs39ljil6f6jpx1x17c8fnvwazz7zvl3vbjfcrlmm7rjmv";

     

       10
        
         };

     

       11
        
       

     

       12
        
         nativeBuildInputs = [ pkg-config ];

     
···

       15
        
         meta = with lib; {

     

       16
        
           description = "X11 colorname to RGB mapping database";

     

       17
        
           license = licenses.mit;

     

       18
       -
           maintainers = [ maintainers.raskin ];

     

       19
        
           platforms = platforms.linux;

     

       20
        
           homepage = "https://xorg.freedesktop.org/";

     

       21
        
         };

     

       22
       -
       }

···

       1
        
       { lib, stdenv, fetchurl, pkg-config, xorgproto }:

     

       2
        
       

     

       3
       +
       stdenv.mkDerivation (finalAttrs: {

     

       4
        
         pname = "rgb";

     

       5
       +
         version = "1.1.0";

     

       6
        
       

     

       7
        
         src = fetchurl {

     

       8
       +
           url = "https://xorg.freedesktop.org/archive/individual/app/rgb-${finalAttrs.version}.tar.xz";

     

       9
       +
           hash = "sha256-/APX9W5bKmF2aBZ/iSeUjM5U+TCX58zZ8FYHf0ee03s=";

     

       10
        
         };

     

       11
        
       

     

       12
        
         nativeBuildInputs = [ pkg-config ];

     
···

       15
        
         meta = with lib; {

     

       16
        
           description = "X11 colorname to RGB mapping database";

     

       17
        
           license = licenses.mit;

     

       18
       +
           maintainers = with maintainers; [ raskin ];

     

       19
        
           platforms = platforms.linux;

     

       20
        
           homepage = "https://xorg.freedesktop.org/";

     

       21
        
         };

     

       22
       +
       })

+30 -3

pkgs/development/libraries/speech-tools/default.nix

···

       1
       -
       { lib, stdenv, fetchurl, alsa-lib, ncurses }:

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
        
         pname = "speech_tools";

     
···

       9
        
           sha256 = "1k2xh13miyv48gh06rgsq2vj25xwj7z6vwq9ilsn8i7ig3nrgzg4";

     

       10
        
         };

     

       11
        
       

     

       12
       -
         buildInputs = [ alsa-lib ncurses ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       13
        
       

     

       14
        
         # Workaround build failure on -fno-common toolchains:

     

       15
        
         #   ld: libestools.a(editline.o):(.bss+0x28): multiple definition of

     
···

       42
        
         meta = with lib; {

     

       43
        
           description = "Text-to-speech engine";

     

       44
        
           maintainers = with maintainers; [ raskin ];

     

       45
       -
           platforms = platforms.linux;

     

       46
        
           license = licenses.free;

     

       47
        
         };

     

       48

···

       1
       +
       { lib

     

       2
       +
       , stdenv

     

       3
       +
       , fetchurl

     

       4
       +
       , fetchpatch

     

       5
       +
       , ncurses

     

       6
       +
       , alsa-lib

     

       7
       +
       , CoreServices

     

       8
       +
       , AudioUnit

     

       9
       +
       , Cocoa

     

       10
       +
       }:

     

       11
        
       

     

       12
        
       stdenv.mkDerivation rec {

     

       13
        
         pname = "speech_tools";

     
···

       18
        
           sha256 = "1k2xh13miyv48gh06rgsq2vj25xwj7z6vwq9ilsn8i7ig3nrgzg4";

     

       19
        
         };

     

       20
        
       

     

       21
       +
         patches = [

     

       22
       +
           # Fix build on Apple Silicon. Remove in the next release.

     

       23
       +
           (fetchpatch {

     

       24
       +
             url = "https://github.com/festvox/speech_tools/commit/06141f69d21bf507a9becb5405265dc362edb0df.patch";

     

       25
       +
             hash = "sha256-tRestCBuRhak+2ccsB6mvDxGm/TIYX4eZ3oppCOEP9s=";

     

       26
       +
           })

     

       27
       +
         ];

     

       28
       +
       

     

       29
       +
         buildInputs = [

     

       30
       +
           ncurses

     

       31
       +
         ] ++ lib.optionals stdenv.isLinux [

     

       32
       +
           alsa-lib

     

       33
       +
         ] ++ lib.optionals stdenv.isDarwin [

     

       34
       +
           CoreServices

     

       35
       +
           AudioUnit

     

       36
       +
           Cocoa

     

       37
       +
         ];

     

       38
       +
       

     

       39
       +
         makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" "CXX=${stdenv.cc.targetPrefix}c++" ];

     

       40
        
       

     

       41
        
         # Workaround build failure on -fno-common toolchains:

     

       42
        
         #   ld: libestools.a(editline.o):(.bss+0x28): multiple definition of

     
···

       69
        
         meta = with lib; {

     

       70
        
           description = "Text-to-speech engine";

     

       71
        
           maintainers = with maintainers; [ raskin ];

     

       72
       +
           platforms = platforms.unix;

     

       73
        
           license = licenses.free;

     

       74
        
         };

     

       75

+2 -2

pkgs/development/python-modules/apprise/default.nix

···

       19
        
       

     

       20
        
       buildPythonPackage rec {

     

       21
        
         pname = "apprise";

     

       22
       -
         version = "1.5.0";

     

       23
        
         format = "setuptools";

     

       24
        
       

     

       25
        
         disabled = pythonOlder "3.7";

     

       26
        
       

     

       27
        
         src = fetchPypi {

     

       28
        
           inherit pname version;

     

       29
       -
           hash = "sha256-PFgRQQd6EBeQ7eDKsW+ig60DKpsvl9xtNWX7LZGBP9c=";

     

       30
        
         };

     

       31
        
       

     

       32
        
         nativeBuildInputs = [

···

       19
        
       

     

       20
        
       buildPythonPackage rec {

     

       21
        
         pname = "apprise";

     

       22
       +
         version = "1.6.0";

     

       23
        
         format = "setuptools";

     

       24
        
       

     

       25
        
         disabled = pythonOlder "3.7";

     

       26
        
       

     

       27
        
         src = fetchPypi {

     

       28
        
           inherit pname version;

     

       29
       +
           hash = "sha256-Pu+rHF15eLDmXFCR0c2+kgaGXcPLXRnKXPvdt26Kr/4=";

     

       30
        
         };

     

       31
        
       

     

       32
        
         nativeBuildInputs = [

+23

pkgs/development/python-modules/command_runner/default.nix

···

       1
       +
       { lib, buildPythonPackage, fetchPypi, psutil }:

     

       2
       +
       

     

       3
       +
       buildPythonPackage rec {

     

       4
       +
         pname = "command_runner";

     

       5
       +
         version = "1.5.0";

     

       6
       +
       

     

       7
       +
         src = fetchPypi {

     

       8
       +
           inherit pname version;

     

       9
       +
           sha256 = "sha256-UIDzLLIm69W53jvS9M2LVclM+OqRYmLtvuXVAv54ltg=";

     

       10
       +
         };

     

       11
       +
       

     

       12
       +
         propagatedBuildInputs = [ psutil ];

     

       13
       +
       

     

       14
       +
         meta = with lib; {

     

       15
       +
           homepage = "https://github.com/netinvent/command_runner";

     

       16
       +
           description = ''

     

       17
       +
             Platform agnostic command execution, timed background jobs with live

     

       18
       +
             stdout/stderr output capture, and UAC/sudo elevation

     

       19
       +
           '';

     

       20
       +
           license = licenses.bsd3;

     

       21
       +
           maintainers = teams.wdz.members;

     

       22
       +
         };

     

       23
       +
       }

pkgs/development/python-modules/et_xmlfile/default.nix pkgs/development/python-modules/et-xmlfile/default.nix

+37

pkgs/development/python-modules/guzzle-sphinx-theme/default.nix

···

       1
       +
       { lib

     

       2
       +
       , buildPythonPackage

     

       3
       +
       , fetchPypi

     

       4
       +
       , setuptools

     

       5
       +
       , sphinx

     

       6
       +
       }:

     

       7
       +
       

     

       8
       +
       buildPythonPackage rec {

     

       9
       +
         pname = "guzzle-sphinx-theme";

     

       10
       +
         version = "0.7.11";

     

       11
       +
         pyproject = true;

     

       12
       +
       

     

       13
       +
         src = fetchPypi {

     

       14
       +
           pname = "guzzle_sphinx_theme";

     

       15
       +
           inherit version;

     

       16
       +
           hash = "sha256-m4wWOcNDwCw/PbffZg3fb1M7VFTukqX3sC7apXP+0+Y=";

     

       17
       +
         };

     

       18
       +
       

     

       19
       +
         nativeBuildInputs = [

     

       20
       +
           setuptools

     

       21
       +
         ];

     

       22
       +
       

     

       23
       +
         doCheck = false; # no tests

     

       24
       +
       

     

       25
       +
         propagatedBuildInputs = [ sphinx ];

     

       26
       +
       

     

       27
       +
         pythonImportsCheck = [

     

       28
       +
           "guzzle_sphinx_theme"

     

       29
       +
         ];

     

       30
       +
       

     

       31
       +
         meta = with lib; {

     

       32
       +
           description = "Sphinx theme used by Guzzle: http://guzzlephp.org";

     

       33
       +
           homepage = "https://github.com/guzzle/guzzle_sphinx_theme/";

     

       34
       +
           license = licenses.mit;

     

       35
       +
           maintainers = with maintainers; [ flokli ];

     

       36
       +
         };

     

       37
       +
       }

-22

pkgs/development/python-modules/guzzle_sphinx_theme/default.nix

···

       1
       -
       { lib, buildPythonPackage, sphinx, fetchPypi }:

     

       2
       -
       

     

       3
       -
       buildPythonPackage rec {

     

       4
       -
         pname = "guzzle_sphinx_theme";

     

       5
       -
         version = "0.7.11";

     

       6
       -
         src = fetchPypi {

     

       7
       -
           inherit pname version;

     

       8
       -
           sha256 = "1rnkzrrsbnifn3vsb4pfaia3nlvgvw6ndpxp7lzjrh23qcwid34v";

     

       9
       -
         };

     

       10
       -
       

     

       11
       -
         doCheck = false; # no tests

     

       12
       -
       

     

       13
       -
         propagatedBuildInputs = [ sphinx ];

     

       14
       -
       

     

       15
       -
         meta = with lib; {

     

       16
       -
           description = "Sphinx theme used by Guzzle: http://guzzlephp.org";

     

       17
       -
           homepage = "https://github.com/guzzle/guzzle_sphinx_theme/";

     

       18
       -
           license = licenses.mit;

     

       19
       -
           maintainers = with maintainers; [ flokli ];

     

       20
       -
           platforms = platforms.unix;

     

       21
       -
         };

     

       22
       -
       }

+2 -2

pkgs/development/python-modules/openpyxl/default.nix

···

       1
        
       { lib

     

       2
        
       , buildPythonPackage

     

       3
       -
       , et_xmlfile

     

       4
        
       , fetchFromGitLab

     

       5
        
       , jdcal

     

       6
        
       , lxml

     
···

       26
        
       

     

       27
        
         propagatedBuildInputs = [

     

       28
        
           jdcal

     

       29
       -
           et_xmlfile

     

       30
        
           lxml

     

       31
        
         ];

     

       32

···

       1
        
       { lib

     

       2
        
       , buildPythonPackage

     

       3
       +
       , et-xmlfile

     

       4
        
       , fetchFromGitLab

     

       5
        
       , jdcal

     

       6
        
       , lxml

     
···

       26
        
       

     

       27
        
         propagatedBuildInputs = [

     

       28
        
           jdcal

     

       29
       +
           et-xmlfile

     

       30
        
           lxml

     

       31
        
         ];

     

       32

+3 -2

pkgs/development/python-modules/pythonnet/default.nix

···

       12
        
       

     

       13
        
       let

     

       14
        
         pname = "pythonnet";

     

       15
       -
         version = "3.0.2";

     

       16
        
         src = fetchPypi {

     

       17
        
           pname = "pythonnet";

     

       18
        
           inherit version;

     

       19
       -
           sha256 = "sha256-LN0cztxkp8m9cRvj0P0MSniTJHQTncVKppe+3edBx0Y=";

     

       20
        
         };

     

       21
        
       

     

       22
        
         # This buildDotnetModule is used only to get nuget sources, the actual

     
···

       70
        
         meta = with lib; {

     

       71
        
           description = ".NET integration for Python";

     

       72
        
           homepage = "https://pythonnet.github.io";

     

       0
        
       
     

       73
        
           license = licenses.mit;

     

       74
        
           # <https://github.com/pythonnet/pythonnet/issues/898>

     

       75
        
           badPlatforms = [ "aarch64-linux" ];

···

       12
        
       

     

       13
        
       let

     

       14
        
         pname = "pythonnet";

     

       15
       +
         version = "3.0.3";

     

       16
        
         src = fetchPypi {

     

       17
        
           pname = "pythonnet";

     

       18
        
           inherit version;

     

       19
       +
           hash = "sha256-jUsulxWKAjh1+GR0WKWPOIF/T+Oa9gq91rDYrfHXfnU=";

     

       20
        
         };

     

       21
        
       

     

       22
        
         # This buildDotnetModule is used only to get nuget sources, the actual

     
···

       70
        
         meta = with lib; {

     

       71
        
           description = ".NET integration for Python";

     

       72
        
           homepage = "https://pythonnet.github.io";

     

       73
       +
           changelog = "https://github.com/pythonnet/pythonnet/releases/tag/v${version}";

     

       74
        
           license = licenses.mit;

     

       75
        
           # <https://github.com/pythonnet/pythonnet/issues/898>

     

       76
        
           badPlatforms = [ "aarch64-linux" ];

-30

pkgs/development/tools/guile/guile-lint/default.nix

···

       1
       -
       { lib, stdenv, fetchurl, guile }:

     

       2
       -
       

     

       3
       -
       stdenv.mkDerivation rec {

     

       4
       -
         pname = "guile-lint";

     

       5
       -
         version = "14";

     

       6
       -
       

     

       7
       -
         src = fetchurl {

     

       8
       -
           url = "https://download.tuxfamily.org/user42/${pname}-${version}.tar.bz2";

     

       9
       -
           sha256 = "1gnhnmki05pkmzpbfc07vmb2iwza6vhy75y03bw2x2rk4fkggz2v";

     

       10
       -
         };

     

       11
       -
       

     

       12
       -
         buildInputs = [ guile ];

     

       13
       -
       

     

       14
       -
         unpackPhase = ''tar xjvf "$src" && sourceRoot="$PWD/${pname}-${version}"'';

     

       15
       -
       

     

       16
       -
         prePatch = ''

     

       17
       -
           substituteInPlace guile-lint.in --replace \

     

       18
       -
             "exec guile" "exec ${guile}/bin/guile"

     

       19
       -
         '';

     

       20
       -
       

     

       21
       -
         doCheck = !stdenv.isDarwin;

     

       22
       -
       

     

       23
       -
         meta = with lib; {

     

       24
       -
           description = "Checks syntax and semantics in a Guile program or module";

     

       25
       -
           homepage = "https://user42.tuxfamily.org/guile-lint/index.html";

     

       26
       -
           license = licenses.gpl3Plus;

     

       27
       -
           maintainers = with maintainers; [ vyp ];

     

       28
       -
           platforms = platforms.all;

     

       29
       -
         };

     

       30
       -
       }

+79 -9

pkgs/servers/monitoring/kapacitor/default.nix

···

       1
       -
       { lib, fetchFromGitHub, buildGoPackage }:

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       2
        
       

     

       3
       -
       buildGoPackage rec {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       4
        
         pname = "kapacitor";

     

       5
       -
         version = "1.5.7";

     

       6
       -
       

     

       7
       -
         goPackagePath = "github.com/influxdata/kapacitor";

     

       8
        
       

     

       9
        
         src = fetchFromGitHub {

     

       10
        
           owner = "influxdata";

     

       11
        
           repo = "kapacitor";

     

       12
        
           rev = "v${version}";

     

       13
       -
           sha256 = "0lzx25d4y5d8rsddgnypfskcxa5qlwc294sdzmn8dlq995yphpac";

     

       14
        
         };

     

       15
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       16
        
         meta = with lib; {

     

       17
        
           description = "Open source framework for processing, monitoring, and alerting on time series data";

     

       0
        
       
     

       0
        
       
     

       18
        
           license = licenses.mit;

     

       19
       -
           homepage = "https://influxdata.com/time-series-platform/kapacitor/";

     

       20
       -
           maintainers = with maintainers; [ offline ];

     

       21
       -
           platforms = with platforms; linux;

     

       22
        
         };

     

       23
        
       }

···

       1
       +
       { stdenv

     

       2
       +
       , lib

     

       3
       +
       , rustPlatform

     

       4
       +
       , fetchFromGitHub

     

       5
       +
       , fetchpatch

     

       6
       +
       , libiconv

     

       7
       +
       , buildGoModule

     

       8
       +
       , pkg-config

     

       9
       +
       }:

     

       10
        
       

     

       11
       +
       let

     

       12
       +
         libflux_version = "0.171.0";

     

       13
       +
         flux = rustPlatform.buildRustPackage rec {

     

       14
       +
           pname = "libflux";

     

       15
       +
           version = "v${libflux_version}";

     

       16
       +
           src = fetchFromGitHub {

     

       17
       +
             owner = "influxdata";

     

       18
       +
             repo = "flux";

     

       19
       +
             rev = "v${libflux_version}";

     

       20
       +
             hash = "sha256-v9MUR+PcxAus91FiHYrMN9MbNOTWewh7MT6/t/QWQcM=";

     

       21
       +
           };

     

       22
       +
           patches = [

     

       23
       +
             # https://github.com/influxdata/flux/pull/5273

     

       24
       +
             # fix compile error with Rust 1.64

     

       25
       +
             (fetchpatch {

     

       26
       +
               url = "https://github.com/influxdata/flux/commit/20ca62138a0669f2760dd469ca41fc333e04b8f2.patch";

     

       27
       +
               stripLen = 2;

     

       28
       +
               extraPrefix = "";

     

       29
       +
               hash = "sha256-Fb4CuH9ZvrPha249dmLLI8MqSNQRKqKPxPbw2pjqwfY=";

     

       30
       +
             })

     

       31
       +
           ];

     

       32
       +
           sourceRoot = "${src.name}/libflux";

     

       33
       +
           cargoSha256 = "sha256-oAMoGGdR0QEjSzZ0/J5J9s/ekSlryCcRBSo5N2r70Ko=";

     

       34
       +
           nativeBuildInputs = [ rustPlatform.bindgenHook ];

     

       35
       +
           buildInputs = lib.optional stdenv.isDarwin libiconv;

     

       36
       +
           pkgcfg = ''

     

       37
       +
             Name: flux

     

       38
       +
             Version: ${libflux_version}

     

       39
       +
             Description: Library for the InfluxData Flux engine

     

       40
       +
             Cflags: -I/out/include

     

       41
       +
             Libs: -L/out/lib -lflux -lpthread

     

       42
       +
           '';

     

       43
       +
           passAsFile = [ "pkgcfg" ];

     

       44
       +
           postInstall = ''

     

       45
       +
             mkdir -p $out/include $out/pkgconfig

     

       46
       +
             cp -r $NIX_BUILD_TOP/source/libflux/include/influxdata $out/include

     

       47
       +
             substitute $pkgcfgPath $out/pkgconfig/flux.pc \

     

       48
       +
               --replace /out $out

     

       49
       +
           '' + lib.optionalString stdenv.isDarwin ''

     

       50
       +
             install_name_tool -id $out/lib/libflux.dylib $out/lib/libflux.dylib

     

       51
       +
           '';

     

       52
       +
         };

     

       53
       +
       in

     

       54
       +
       buildGoModule rec {

     

       55
        
         pname = "kapacitor";

     

       56
       +
         version = "1.7.0";

     

       0
        
       
     

       0
        
       
     

       57
        
       

     

       58
        
         src = fetchFromGitHub {

     

       59
        
           owner = "influxdata";

     

       60
        
           repo = "kapacitor";

     

       61
        
           rev = "v${version}";

     

       62
       +
           hash = "sha256-vDluZZrct1x+OMVU8MNO56YBZq7JNlpW68alOrAGYSM=";

     

       63
        
         };

     

       64
        
       

     

       65
       +
         vendorHash = "sha256-OX4QAthg15lwMyhOPyLTS++CMvGI5Um+FSd025PhW3E=";

     

       66
       +
       

     

       67
       +
         nativeBuildInputs = [ pkg-config ];

     

       68
       +
       

     

       69
       +
         PKG_CONFIG_PATH = "${flux}/pkgconfig";

     

       70
       +
       

     

       71
       +
         # Check that libflux is at the right version

     

       72
       +
         preBuild = ''

     

       73
       +
           flux_ver=$(grep github.com/influxdata/flux go.mod | awk '{print $2}')

     

       74
       +
           if [ "$flux_ver" != "v${libflux_version}" ]; then

     

       75
       +
             echo "go.mod wants libflux $flux_ver, but nix derivation provides ${libflux_version}"

     

       76
       +
             exit 1

     

       77
       +
           fi

     

       78
       +
         '';

     

       79
       +
       

     

       80
       +
         # Remove failing server tests

     

       81
       +
         preCheck = ''

     

       82
       +
           rm server/server_test.go

     

       83
       +
         '';

     

       84
       +
       

     

       85
        
         meta = with lib; {

     

       86
        
           description = "Open source framework for processing, monitoring, and alerting on time series data";

     

       87
       +
           homepage = "https://influxdata.com/time-series-platform/kapacitor/";

     

       88
       +
           downloadPage = "https://github.com/influxdata/kapacitor/releases";

     

       89
        
           license = licenses.mit;

     

       90
       +
           changelog = "https://github.com/influxdata/kapacitor/blob/master/CHANGELOG.md";

     

       91
       +
           maintainers = with maintainers; [ offline totoroot ];

     

       0
        
       
     

       92
        
         };

     

       93
        
       }

+18

pkgs/servers/monitoring/librenms/broken-binary-paths.diff

···

       1
       +
       diff --git a/LibreNMS/Config.php b/LibreNMS/Config.php

     

       2
       +
       index 5ed6b71..de7718a 100644

     

       3
       +
       --- a/LibreNMS/Config.php

     

       4
       +
       +++ b/LibreNMS/Config.php

     

       5
       +
       @@ -460,13 +460,6 @@ class Config

     

       6
       +
                    self::persist('device_display_default', $display_value);

     

       7
       +
                }

     

       8
       +
        

     

       9
       +
       -        // make sure we have full path to binaries in case PATH isn't set

     

       10
       +
       -        foreach (['fping', 'fping6', 'snmpgetnext', 'rrdtool', 'traceroute'] as $bin) {

     

       11
       +
       -            if (! is_executable(self::get($bin))) {

     

       12
       +
       -                self::persist($bin, self::locateBinary($bin));

     

       13
       +
       -            }

     

       14
       +
       -        }

     

       15
       +
       -

     

       16
       +
                if (! self::has('rrdtool_version')) {

     

       17
       +
                    self::persist('rrdtool_version', Rrd::version());

     

       18
       +
                }

+116

pkgs/servers/monitoring/librenms/default.nix

···

       1
       +
       { lib

     

       2
       +
       , fetchFromGitHub

     

       3
       +
       , unixtools

     

       4
       +
       , php82

     

       5
       +
       , python3

     

       6
       +
       , makeWrapper

     

       7
       +
       , nixosTests

     

       8
       +
       # run-time dependencies

     

       9
       +
       , graphviz

     

       10
       +
       , ipmitool

     

       11
       +
       , libvirt

     

       12
       +
       , monitoring-plugins

     

       13
       +
       , mtr

     

       14
       +
       , net-snmp

     

       15
       +
       , nfdump

     

       16
       +
       , nmap

     

       17
       +
       , rrdtool

     

       18
       +
       , system-sendmail

     

       19
       +
       , whois

     

       20
       +
       , dataDir ? "/var/lib/librenms", logDir ? "/var/log/librenms" }:

     

       21
       +
       

     

       22
       +
       

     

       23
       +
       let

     

       24
       +
         phpPackage = php82.withExtensions ({ enabled, all }: enabled ++ [ all.memcached ]);

     

       25
       +
       in phpPackage.buildComposerProject rec {

     

       26
       +
         name = pname + "-" + version;

     

       27
       +
         pname = "librenms";

     

       28
       +
         version = "23.9.1";

     

       29
       +
       

     

       30
       +
         src = fetchFromGitHub {

     

       31
       +
           owner = "librenms";

     

       32
       +
           repo = pname;

     

       33
       +
           rev = "${version}";

     

       34
       +
           sha256 = "sha256-glcD9AhxkvMmGo/7/RhQFeOtvHJ4pSiEFxaAjeVrTaI=";

     

       35
       +
         };

     

       36
       +
       

     

       37
       +
         vendorHash = "sha256-s6vdGfM7Ehy1bbkB44EQaHBBvTkpVw9yxhVsc/O8dHc=";

     

       38
       +
       

     

       39
       +
         php = phpPackage;

     

       40
       +
       

     

       41
       +
         buildInputs = [

     

       42
       +
           unixtools.whereis

     

       43
       +
           (python3.withPackages (ps: with ps; [

     

       44
       +
             pymysql

     

       45
       +
             python-dotenv

     

       46
       +
             redis

     

       47
       +
             setuptools

     

       48
       +
             psutil

     

       49
       +
             command_runner

     

       50
       +
           ]))

     

       51
       +
         ];

     

       52
       +
       

     

       53
       +
         nativeBuildInputs = [ makeWrapper ];

     

       54
       +
       

     

       55
       +
         installPhase = ''

     

       56
       +
           runHook preInstall

     

       57
       +
       

     

       58
       +
           mv $out/share/php/librenms/* $out

     

       59
       +
           rm -r $out/share

     

       60
       +
       

     

       61
       +
           # This broken logic leads to bad settings being persisted in the database

     

       62
       +
           patch -p1 -d $out -i ${./broken-binary-paths.diff}

     

       63
       +
       

     

       64
       +
           substituteInPlace \

     

       65
       +
             $out/misc/config_definitions.json \

     

       66
       +
             --replace '"default": "/bin/ping",' '"default": "/run/wrappers/bin/ping",' \

     

       67
       +
             --replace '"default": "fping",' '"default": "/run/wrappers/bin/fping",' \

     

       68
       +
             --replace '"default": "fping6",' '"default": "/run/wrappers/bin/fping6",' \

     

       69
       +
             --replace '"default": "rrdtool",' '"default": "${rrdtool}/bin/rrdtool",' \

     

       70
       +
             --replace '"default": "snmpgetnext",' '"default": "${net-snmp}/bin/snmpgetnext",' \

     

       71
       +
             --replace '"default": "traceroute",' '"default": "/run/wrappers/bin/traceroute",' \

     

       72
       +
             --replace '"default": "/usr/bin/dot",' '"default": "${graphviz}/bin/dot",' \

     

       73
       +
             --replace '"default": "/usr/bin/ipmitool",' '"default": "${ipmitool}/bin/ipmitool",' \

     

       74
       +
             --replace '"default": "/usr/bin/mtr",' '"default": "${mtr}/bin/mtr",' \

     

       75
       +
             --replace '"default": "/usr/bin/nfdump",' '"default": "${nfdump}/bin/nfdump",' \

     

       76
       +
             --replace '"default": "/usr/bin/nmap",' '"default": "${nmap}/bin/nmap",' \

     

       77
       +
             --replace '"default": "/usr/bin/sfdp",' '"default": "${graphviz}/bin/sfdp",' \

     

       78
       +
             --replace '"default": "/usr/bin/snmpbulkwalk",' '"default": "${net-snmp}/bin/snmpbulkwalk",' \

     

       79
       +
             --replace '"default": "/usr/bin/snmpget",' '"default": "${net-snmp}/bin/snmpget",' \

     

       80
       +
             --replace '"default": "/usr/bin/snmptranslate",' '"default": "${net-snmp}/bin/snmptranslate",' \

     

       81
       +
             --replace '"default": "/usr/bin/snmpwalk",' '"default": "${net-snmp}/bin/snmpwalk",' \

     

       82
       +
             --replace '"default": "/usr/bin/virsh",' '"default": "${libvirt}/bin/virsh",' \

     

       83
       +
             --replace '"default": "/usr/bin/whois",' '"default": "${whois}/bin/whois",' \

     

       84
       +
             --replace '"default": "/usr/lib/nagios/plugins",' '"default": "${monitoring-plugins}/libexec",' \

     

       85
       +
             --replace '"default": "/usr/sbin/sendmail",' '"default": "${system-sendmail}/bin/sendmail",'

     

       86
       +
       

     

       87
       +
           substituteInPlace $out/LibreNMS/wrapper.py --replace '/usr/bin/env php' '${phpPackage}/bin/php'

     

       88
       +
           substituteInPlace $out/LibreNMS/__init__.py --replace '"/usr/bin/env", "php"' '"${phpPackage}/bin/php"'

     

       89
       +
           substituteInPlace $out/snmp-scan.py --replace '"/usr/bin/env", "php"' '"${phpPackage}/bin/php"'

     

       90
       +
       

     

       91
       +
           wrapProgram $out/daily.sh --prefix PATH : ${phpPackage}/bin

     

       92
       +
       

     

       93
       +
           rm -rf $out/logs $out/rrd $out/bootstrap/cache $out/storage $out/.env

     

       94
       +
           ln -s ${logDir} $out/logs

     

       95
       +
           ln -s ${dataDir}/config.php $out/config.php

     

       96
       +
           ln -s ${dataDir}/.env $out/.env

     

       97
       +
           ln -s ${dataDir}/rrd $out/rrd

     

       98
       +
           ln -s ${dataDir}/storage $out/storage

     

       99
       +
           ln -s ${dataDir}/cache $out/bootstrap/cache

     

       100
       +
       

     

       101
       +
           runHook postInstall

     

       102
       +
         '';

     

       103
       +
       

     

       104
       +
         passthru = {

     

       105
       +
           phpPackage = phpPackage;

     

       106
       +
           tests.librenms = nixosTests.librenms;

     

       107
       +
         };

     

       108
       +
       

     

       109
       +
         meta = with lib; {

     

       110
       +
           description = "A auto-discovering PHP/MySQL/SNMP based network monitoring";

     

       111
       +
           homepage    = "https://www.librenms.org/";

     

       112
       +
           license     = licenses.gpl3Only;

     

       113
       +
           maintainers = teams.wdz.members;

     

       114
       +
           platforms   = platforms.linux;

     

       115
       +
         };

     

       116
       +
       }

+9 -4

pkgs/servers/tang/default.nix

···

       13
        
       , testers

     

       14
        
       , tang

     

       15
        
       , gitUpdater

     

       0
        
       
     

       16
        
       }:

     

       17
        
       

     

       18
        
       stdenv.mkDerivation rec {

     
···

       53
        
         '';

     

       54
        
       

     

       55
        
         passthru = {

     

       56
       -
           tests.version = testers.testVersion {

     

       57
       -
             package = tang;

     

       58
       -
             command = "${tang}/libexec/tangd --version";

     

       59
       -
             version = "tangd ${version}";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       60
        
           };

     

       61
        
           updateScript = gitUpdater { };

     

       62
        
         };

     
···

       67
        
           changelog = "https://github.com/latchset/tang/releases/tag/v${version}";

     

       68
        
           maintainers = with lib.maintainers; [ fpletz ];

     

       69
        
           license = lib.licenses.gpl3Plus;

     

       0
        
       
     

       70
        
         };

     

       71
        
       }

···

       13
        
       , testers

     

       14
        
       , tang

     

       15
        
       , gitUpdater

     

       16
       +
       , nixosTests

     

       17
        
       }:

     

       18
        
       

     

       19
        
       stdenv.mkDerivation rec {

     
···

       54
        
         '';

     

       55
        
       

     

       56
        
         passthru = {

     

       57
       +
           tests = {

     

       58
       +
             inherit (nixosTests) tang;

     

       59
       +
             version = testers.testVersion {

     

       60
       +
               package = tang;

     

       61
       +
               command = "${tang}/libexec/tangd --version";

     

       62
       +
               version = "tangd ${version}";

     

       63
       +
             };

     

       64
        
           };

     

       65
        
           updateScript = gitUpdater { };

     

       66
        
         };

     
···

       71
        
           changelog = "https://github.com/latchset/tang/releases/tag/v${version}";

     

       72
        
           maintainers = with lib.maintainers; [ fpletz ];

     

       73
        
           license = lib.licenses.gpl3Plus;

     

       74
       +
           mainProgram = "tangd";

     

       75
        
         };

     

       76
        
       }

+1 -1

pkgs/tools/backup/borgbackup/default.nix

···

       37
        
       

     

       38
        
           # docs

     

       39
        
           sphinxHook

     

       40
       -
           guzzle_sphinx_theme

     

       41
        
       

     

       42
        
           # shell completions

     

       43
        
           installShellFiles

···

       37
        
       

     

       38
        
           # docs

     

       39
        
           sphinxHook

     

       40
       +
           guzzle-sphinx-theme

     

       41
        
       

     

       42
        
           # shell completions

     

       43
        
           installShellFiles

-32

pkgs/tools/misc/cloud-sql-proxy/default.nix

···

       1
       -
       { lib

     

       2
       -
       , buildGoModule

     

       3
       -
       , fetchFromGitHub

     

       4
       -
       }:

     

       5
       -
       

     

       6
       -
       buildGoModule rec {

     

       7
       -
         pname = "cloud-sql-proxy";

     

       8
       -
         version = "2.7.0";

     

       9
       -
       

     

       10
       -
         src = fetchFromGitHub {

     

       11
       -
           owner = "GoogleCloudPlatform";

     

       12
       -
           repo = "cloud-sql-proxy";

     

       13
       -
           rev = "v${version}";

     

       14
       -
           hash = "sha256-4PB9Eaqb8teF+gmiHD2VAIFnxqiK2Nb0u+xSNAM8iMs=";

     

       15
       -
         };

     

       16
       -
       

     

       17
       -
         subPackages = [ "." ];

     

       18
       -
       

     

       19
       -
         vendorHash = "sha256-LaI7IdSyB7ETTjqIcIPDf3noEbvwlN3+KqrkSm8B6m8=";

     

       20
       -
       

     

       21
       -
         preCheck = ''

     

       22
       -
           buildFlagsArray+="-short"

     

       23
       -
         '';

     

       24
       -
       

     

       25
       -
         meta = with lib; {

     

       26
       -
           description = "Utility for ensuring secure connections to Google Cloud SQL instances";

     

       27
       -
           homepage = "https://github.com/GoogleCloudPlatform/cloud-sql-proxy";

     

       28
       -
           license = licenses.asl20;

     

       29
       -
           maintainers = with maintainers; [ nicknovitski totoroot ];

     

       30
       -
           mainProgram = "cloud-sql-proxy";

     

       31
       -
         };

     

       32
       -
       }

+37

pkgs/tools/misc/google-cloud-bigtable-tool/default.nix

···

       1
       +
       { lib

     

       2
       +
       , buildGoModule

     

       3
       +
       , fetchFromGitHub

     

       4
       +
       }:

     

       5
       +
       

     

       6
       +
       buildGoModule rec {

     

       7
       +
         pname = "google-cloud-bigtable-tool";

     

       8
       +
         version = "0.12.0";

     

       9
       +
       

     

       10
       +
         src = fetchFromGitHub {

     

       11
       +
           owner = "googleapis";

     

       12
       +
           repo = "cloud-bigtable-cbt-cli";

     

       13
       +
           rev = "v.${version}";

     

       14
       +
           hash = "sha256-N5nbWMj7kLIdRiwBUWFz4Rat88Wx01i3hceMxAvSjaA=";

     

       15
       +
         };

     

       16
       +
       

     

       17
       +
         vendorHash = "sha256-kwvEfvHs6XF84bB3Ss1307OjId0nh/0Imih1fRFdY0M=";

     

       18
       +
       

     

       19
       +
         preCheck = ''

     

       20
       +
           buildFlagsArray+="-short"

     

       21
       +
         '';

     

       22
       +
       

     

       23
       +
         meta = with lib; {

     

       24
       +
           description = "Google Cloud Bigtable Tool";

     

       25
       +
           longDescription = ''

     

       26
       +
             `cbt` is the Google Cloud Bigtable Tool. A CLI utility to interact with Google Cloud Bigtable.

     

       27
       +
             The cbt CLI is a command-line interface for performing several different operations on Cloud Bigtable.

     

       28
       +
             It is written in Go using the Go client library for Cloud Bigtable.

     

       29
       +
             An overview of its usage can be found in the [Google Cloud docs](https://cloud.google.com/bigtable/docs/cbt-overview).

     

       30
       +
             For information about Bigtable in general, see the [overview of Bigtable](https://cloud.google.com/bigtable/docs/overview).

     

       31
       +
           '';

     

       32
       +
           homepage = "https://github.com/googleapis/cloud-bigtable-cbt-cli";

     

       33
       +
           license = licenses.asl20;

     

       34
       +
           maintainers = with maintainers; [ totoroot ];

     

       35
       +
           mainProgram = "cbt";

     

       36
       +
         };

     

       37
       +
       }

+40

pkgs/tools/misc/google-cloud-sql-proxy/default.nix

···

       1
       +
       { lib

     

       2
       +
       , buildGoModule

     

       3
       +
       , fetchFromGitHub

     

       4
       +
       }:

     

       5
       +
       

     

       6
       +
       buildGoModule rec {

     

       7
       +
         pname = "google-cloud-sql-proxy";

     

       8
       +
         version = "2.7.0";

     

       9
       +
       

     

       10
       +
         src = fetchFromGitHub {

     

       11
       +
           owner = "GoogleCloudPlatform";

     

       12
       +
           repo = "cloud-sql-proxy";

     

       13
       +
           rev = "v${version}";

     

       14
       +
           hash = "sha256-4PB9Eaqb8teF+gmiHD2VAIFnxqiK2Nb0u+xSNAM8iMs=";

     

       15
       +
         };

     

       16
       +
       

     

       17
       +
         subPackages = [ "." ];

     

       18
       +
       

     

       19
       +
         vendorHash = "sha256-LaI7IdSyB7ETTjqIcIPDf3noEbvwlN3+KqrkSm8B6m8=";

     

       20
       +
       

     

       21
       +
         preCheck = ''

     

       22
       +
           buildFlagsArray+="-short"

     

       23
       +
         '';

     

       24
       +
       

     

       25
       +
         meta = with lib; {

     

       26
       +
           description = "Utility for ensuring secure connections to Google Cloud SQL instances";

     

       27
       +
           longDescription = ''

     

       28
       +
             The Cloud SQL Auth Proxy is a utility for ensuring secure connections to your Cloud SQL instances.

     

       29
       +
             It provides IAM authorization, allowing you to control who can connect to your instance through IAM permissions,

     

       30
       +
             and TLS 1.3 encryption, without having to manage certificates.

     

       31
       +
             See the [Connecting Overview](https://cloud.google.com/sql/docs/mysql/connect-overview) page for more information

     

       32
       +
             on connecting to a Cloud SQL instance, or the [About the Proxy](https://cloud.google.com/sql/docs/mysql/sql-proxy)

     

       33
       +
             page for details on how the Cloud SQL Proxy works.

     

       34
       +
           '';

     

       35
       +
           homepage = "https://github.com/GoogleCloudPlatform/cloud-sql-proxy";

     

       36
       +
           license = licenses.asl20;

     

       37
       +
           maintainers = with maintainers; [ nicknovitski totoroot ];

     

       38
       +
           mainProgram = "cloud-sql-proxy";

     

       39
       +
         };

     

       40
       +
       }

+3 -3

pkgs/tools/networking/sockdump/default.nix

···

       2
        
       

     

       3
        
       python3.pkgs.buildPythonApplication rec {

     

       4
        
         pname = "sockdump";

     

       5
       -
         version = "unstable-2022-10-12";

     

       6
        
       

     

       7
        
         src = fetchFromGitHub {

     

       8
        
           owner = "mechpen";

     

       9
        
           repo = pname;

     

       10
       -
           rev = "005dcb056238c2e37ff378aef27c953208ffa08f";

     

       11
       -
           hash = "sha256-X8PIUDxlcdPoD7+aLDWzlWV++P3mmu52BwY7irhypww=";

     

       12
        
         };

     

       13
        
       

     

       14
        
         propagatedBuildInputs = [ bcc ];

···

       2
        
       

     

       3
        
       python3.pkgs.buildPythonApplication rec {

     

       4
        
         pname = "sockdump";

     

       5
       +
         version = "unstable-2023-09-16";

     

       6
        
       

     

       7
        
         src = fetchFromGitHub {

     

       8
        
           owner = "mechpen";

     

       9
        
           repo = pname;

     

       10
       +
           rev = "713759e383366feae76863881e851a6411c73b68";

     

       11
       +
           hash = "sha256-q6jdwFhl2G9o2C0BVU6Xz7xizO00yaSQ2KSR/z4fixY=";

     

       12
        
         };

     

       13
        
       

     

       14
        
         propagatedBuildInputs = [ bcc ];

pkgs/top-level/aliases.nix

···

       332
        
         gr-rds = throw "'gr-rds' has been renamed to/replaced by 'gnuradio3_7.pkgs.rds'"; # Converted to throw 2023-09-10

     

       333
        
         grub2_full = grub2; # Added 2022-11-18

     

       334
        
         grub = throw "grub1 was removed after not being maintained upstream for a decade. Please switch to another bootloader"; # Added 2023-04-11

     

       0
        
       
     

       335
        
       

     

       336
        
         ### H ###

     

       337
        
       

     
···

       797
        
         shhgit = throw "shhgit is broken and is no longer maintained. See https://github.com/eth0izzle/shhgit#-shhgit-is-no-longer-maintained-" ; # Added 2023-08-08

     

       798
        
         shipyard = jumppad; # Added 2023-06-06

     

       799
        
         signumone-ks = throw "signumone-ks has been removed from nixpkgs because the developers stopped offering the binaries"; # Added 2023-08-17

     

       0
        
       
     

       800
        
         slack-dark = slack; # Added 2020-03-27

     

       801
        
         slmenu = throw "slmenu has been removed (upstream is gone)"; # Added 2023-04-06

     

       802
        
         slurm-llnl = slurm; # renamed July 2017

···

       332
        
         gr-rds = throw "'gr-rds' has been renamed to/replaced by 'gnuradio3_7.pkgs.rds'"; # Converted to throw 2023-09-10

     

       333
        
         grub2_full = grub2; # Added 2022-11-18

     

       334
        
         grub = throw "grub1 was removed after not being maintained upstream for a decade. Please switch to another bootloader"; # Added 2023-04-11

     

       335
       +
         guile-lint = throw "'guile-lint' has been removed, please use 'guild lint' instead"; # Added 2023-10-16

     

       336
        
       

     

       337
        
         ### H ###

     

       338
        
       

     
···

       798
        
         shhgit = throw "shhgit is broken and is no longer maintained. See https://github.com/eth0izzle/shhgit#-shhgit-is-no-longer-maintained-" ; # Added 2023-08-08

     

       799
        
         shipyard = jumppad; # Added 2023-06-06

     

       800
        
         signumone-ks = throw "signumone-ks has been removed from nixpkgs because the developers stopped offering the binaries"; # Added 2023-08-17

     

       801
       +
         simplenote = throw "'simplenote' has been removed because it is no longer maintained and insecure"; # Added 2023-10-09

     

       802
        
         slack-dark = slack; # Added 2020-03-27

     

       803
        
         slmenu = throw "slmenu has been removed (upstream is gone)"; # Added 2023-04-06

     

       804
        
         slurm-llnl = slurm; # renamed July 2017

+9 -9

pkgs/top-level/all-packages.nix

···

       3618
        
       

     

       3619
        
         clairvoyance = callPackage ../tools/security/clairvoyance { };

     

       3620
        
       

     

       3621
       -
         cloud-sql-proxy = callPackage ../tools/misc/cloud-sql-proxy { };

     

       3622
       -
       

     

       3623
        
         cloudfox = callPackage ../tools/security/cloudfox { };

     

       3624
        
       

     

       3625
        
         cloudhunter = callPackage ../tools/security/cloudhunter { };

     
···

       5854
        
         libnss-mysql = callPackage ../os-specific/linux/libnss-mysql { };

     

       5855
        
       

     

       5856
        
         libnvme = callPackage ../os-specific/linux/libnvme { };

     

       0
        
       
     

       0
        
       
     

       5857
        
       

     

       5858
        
         libxnd = callPackage ../development/libraries/libxnd { };

     

       5859
        
       

     
···

       8754
        
           python = python3;

     

       8755
        
           with-gce = true;

     

       8756
        
         };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       8757
        
       

     

       8758
        
         google-fonts = callPackage ../data/fonts/google-fonts { };

     

       8759
        
       

     
···

       19363
        
       

     

       19364
        
         guile-hall = callPackage ../development/tools/guile/guile-hall { };

     

       19365
        
       

     

       19366
       -
         guile-lint = callPackage ../development/tools/guile/guile-lint {

     

       19367
       -
           guile = guile_1_8;

     

       19368
       -
         };

     

       19369
       -
       

     

       19370
        
         gwrap = callPackage ../development/tools/guile/g-wrap {

     

       19371
        
           guile = guile_2_2;

     

       19372
        
         };

     
···

       25111
        
       

     

       25112
        
         speechd = callPackage ../development/libraries/speechd { };

     

       25113
        
       

     

       25114
       -
         speech-tools = callPackage ../development/libraries/speech-tools { };

     

       0
        
       
     

       0
        
       
     

       25115
        
       

     

       25116
        
         speex = callPackage ../development/libraries/speex {

     

       25117
        
           fftw = fftwFloat;

     
···

       41668
        
         nitrokey-app2 = libsForQt5.callPackage ../tools/security/nitrokey-app2 { };

     

       41669
        
       

     

       41670
        
         fpm2 = callPackage ../tools/security/fpm2 { };

     

       41671
       -
       

     

       41672
       -
         simplenote = callPackage ../applications/misc/simplenote { };

     

       41673
        
       

     

       41674
        
         hy = with python3Packages; toPythonApplication hy;

     

       41675

···

       3618
        
       

     

       3619
        
         clairvoyance = callPackage ../tools/security/clairvoyance { };

     

       3620
        
       

     

       0
        
       
     

       0
        
       
     

       3621
        
         cloudfox = callPackage ../tools/security/cloudfox { };

     

       3622
        
       

     

       3623
        
         cloudhunter = callPackage ../tools/security/cloudhunter { };

     
···

       5852
        
         libnss-mysql = callPackage ../os-specific/linux/libnss-mysql { };

     

       5853
        
       

     

       5854
        
         libnvme = callPackage ../os-specific/linux/libnvme { };

     

       5855
       +
       

     

       5856
       +
         librenms = callPackage ../servers/monitoring/librenms { };

     

       5857
        
       

     

       5858
        
         libxnd = callPackage ../development/libraries/libxnd { };

     

       5859
        
       

     
···

       8754
        
           python = python3;

     

       8755
        
           with-gce = true;

     

       8756
        
         };

     

       8757
       +
       

     

       8758
       +
         google-cloud-bigtable-tool = callPackage ../tools/misc/google-cloud-bigtable-tool { };

     

       8759
       +
       

     

       8760
       +
         google-cloud-sql-proxy = callPackage ../tools/misc/google-cloud-sql-proxy { };

     

       8761
        
       

     

       8762
        
         google-fonts = callPackage ../data/fonts/google-fonts { };

     

       8763
        
       

     
···

       19367
        
       

     

       19368
        
         guile-hall = callPackage ../development/tools/guile/guile-hall { };

     

       19369
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       19370
        
         gwrap = callPackage ../development/tools/guile/g-wrap {

     

       19371
        
           guile = guile_2_2;

     

       19372
        
         };

     
···

       25111
        
       

     

       25112
        
         speechd = callPackage ../development/libraries/speechd { };

     

       25113
        
       

     

       25114
       +
         speech-tools = callPackage ../development/libraries/speech-tools {

     

       25115
       +
           inherit (darwin.apple_sdk.frameworks) CoreServices AudioUnit Cocoa;

     

       25116
       +
         };

     

       25117
        
       

     

       25118
        
         speex = callPackage ../development/libraries/speex {

     

       25119
        
           fftw = fftwFloat;

     
···

       41670
        
         nitrokey-app2 = libsForQt5.callPackage ../tools/security/nitrokey-app2 { };

     

       41671
        
       

     

       41672
        
         fpm2 = callPackage ../tools/security/fpm2 { };

     

       0
        
       
     

       0
        
       
     

       41673
        
       

     

       41674
        
         hy = with python3Packages; toPythonApplication hy;

     

       41675

pkgs/top-level/python-aliases.nix

···

       128
        
         eebrightbox = throw "eebrightbox is unmaintained upstream and has therefore been removed"; # added 2022-02-03

     

       129
        
         EasyProcess = easyprocess; # added 2023-02-19

     

       130
        
         email_validator = email-validator; # added 2022-06-22

     

       0
        
       
     

       131
        
         ev3dev2 = python-ev3dev2; # added 2023-06-19

     

       132
        
         Fabric = fabric; # addedd 2023-02-19

     

       133
        
         face_recognition = face-recognition; # added 2022-10-15

     
···

       173
        
         graphite_beacon = throw "graphite_beacon was removed, because it is no longer maintained"; # added 2022-07-09

     

       174
        
         grappelli_safe = grappelli-safe; # added 2023-10-08

     

       175
        
         grpc_google_iam_v1 = grpc-google-iam-v1; # added 2021-08-21

     

       0
        
       
     

       176
        
         ha-av = throw "ha-av was removed, because it is no longer maintained"; # added 2022-04-06

     

       177
        
         HAP-python = hap-python; # added 2021-06-01

     

       178
        
         hangups = throw "hangups was removed because Google Hangouts has been shut down"; # added 2023-02-13

···

       128
        
         eebrightbox = throw "eebrightbox is unmaintained upstream and has therefore been removed"; # added 2022-02-03

     

       129
        
         EasyProcess = easyprocess; # added 2023-02-19

     

       130
        
         email_validator = email-validator; # added 2022-06-22

     

       131
       +
         et_xmlfile = et-xmlfile; # added 2023-10-16

     

       132
        
         ev3dev2 = python-ev3dev2; # added 2023-06-19

     

       133
        
         Fabric = fabric; # addedd 2023-02-19

     

       134
        
         face_recognition = face-recognition; # added 2022-10-15

     
···

       174
        
         graphite_beacon = throw "graphite_beacon was removed, because it is no longer maintained"; # added 2022-07-09

     

       175
        
         grappelli_safe = grappelli-safe; # added 2023-10-08

     

       176
        
         grpc_google_iam_v1 = grpc-google-iam-v1; # added 2021-08-21

     

       177
       +
         guzzle_sphinx_theme = guzzle-sphinx-theme; # added 2023-10-16

     

       178
        
         ha-av = throw "ha-av was removed, because it is no longer maintained"; # added 2022-04-06

     

       179
        
         HAP-python = hap-python; # added 2021-06-01

     

       180
        
         hangups = throw "hangups was removed because Google Hangouts has been shut down"; # added 2023-02-13

+4 -2

pkgs/top-level/python-packages.nix

···

       1850
        
       

     

       1851
        
         comicon = callPackage ../development/python-modules/comicon { };

     

       1852
        
       

     

       0
        
       
     

       0
        
       
     

       1853
        
         connect-box = callPackage ../development/python-modules/connect_box { };

     

       1854
        
       

     

       1855
        
         connection-pool = callPackage ../development/python-modules/connection-pool { };

     
···

       3620
        
       

     

       3621
        
         etuples = callPackage ../development/python-modules/etuples { };

     

       3622
        
       

     

       3623
       -
         et_xmlfile = callPackage ../development/python-modules/et_xmlfile { };

     

       3624
        
       

     

       3625
        
         eufylife-ble-client = callPackage ../development/python-modules/eufylife-ble-client { };

     

       3626
        
       

     
···

       4816
        
         else

     

       4817
        
           throw "gurobipy not yet supported on ${stdenv.hostPlatform.system}";

     

       4818
        
       

     

       4819
       -
         guzzle_sphinx_theme = callPackage ../development/python-modules/guzzle_sphinx_theme { };

     

       4820
        
       

     

       4821
        
         gvm-tools = callPackage ../development/python-modules/gvm-tools { };

     

       4822

···

       1850
        
       

     

       1851
        
         comicon = callPackage ../development/python-modules/comicon { };

     

       1852
        
       

     

       1853
       +
         command_runner = callPackage ../development/python-modules/command_runner { };

     

       1854
       +
       

     

       1855
        
         connect-box = callPackage ../development/python-modules/connect_box { };

     

       1856
        
       

     

       1857
        
         connection-pool = callPackage ../development/python-modules/connection-pool { };

     
···

       3622
        
       

     

       3623
        
         etuples = callPackage ../development/python-modules/etuples { };

     

       3624
        
       

     

       3625
       +
         et-xmlfile = callPackage ../development/python-modules/et-xmlfile { };

     

       3626
        
       

     

       3627
        
         eufylife-ble-client = callPackage ../development/python-modules/eufylife-ble-client { };

     

       3628
        
       

     
···

       4818
        
         else

     

       4819
        
           throw "gurobipy not yet supported on ${stdenv.hostPlatform.system}";

     

       4820
        
       

     

       4821
       +
         guzzle-sphinx-theme = callPackage ../development/python-modules/guzzle-sphinx-theme { };

     

       4822
        
       

     

       4823
        
         gvm-tools = callPackage ../development/python-modules/gvm-tools { };

     

       4824